mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives (e.g., .tar), these archives are automatically extracted after downloading. This behavior can be exploited to perform a 'tarslip' attack, allowing files to be written to arbitrary locations on the server, bypassing checks that normally restrict files to the models directory. This vulnerability can lead to remote code execution (RCE) by overwriting backend assets used by the server.
History

Wed, 13 Nov 2024 15:00:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:mudler:localai:2.17.1:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Tue, 29 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Mudler
Mudler localai
CPEs cpe:2.3:a:mudler:localai:*:*:*:*:*:*:*:*
Vendors & Products Mudler
Mudler localai
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 29 Oct 2024 13:00:00 +0000

Type Values Removed Values Added
Description mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives (e.g., .tar), these archives are automatically extracted after downloading. This behavior can be exploited to perform a 'tarslip' attack, allowing files to be written to arbitrary locations on the server, bypassing checks that normally restrict files to the models directory. This vulnerability can lead to remote code execution (RCE) by overwriting backend assets used by the server.
Title Arbitrary File Write in mudler/LocalAI
Weaknesses CWE-20
References
Metrics cvssV3_0

{'score': 8.1, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-10-29T12:46:54.732Z

Updated: 2024-10-29T13:33:58.219Z

Reserved: 2024-07-17T21:19:44.930Z

Link: CVE-2024-6868

cve-icon Vulnrichment

Updated: 2024-10-29T13:33:51.795Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-29T13:15:08.473

Modified: 2024-11-13T14:43:33.037

Link: CVE-2024-6868

cve-icon Redhat

No data.