CVE-2024-7033
Published: 20 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-7033 is an arbitrary file write vulnerability in version 0.3.8 of open-webui/open-webui, specifically affecting deployments on Windows. The issue resides in the download_model endpoint, where the application fails to properly handle file paths. This allows attackers to manipulate paths and write files to arbitrary locations on the server's filesystem, potentially overwriting critical system or application files.
Exploitation requires high privileges (PR:H) but can be performed over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). A privileged attacker could achieve denial of service by overwriting key files or escalate to remote code execution (RCE) by targeting executable locations. Successful RCE would run malicious code under the privileges of the user running the application, potentially leading to full system compromise. The vulnerability has a CVSS v3.1 base score of 7.2 (C:H/I:H/A:H/S:U) and is associated with CWE-29 (Path Traversal: '.../').
For mitigation details, refer to the advisory at https://huntr.com/bounties/7078261f-8414-4bb7-9d72-a2a4d8bfd5d1.
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category
- Other Platforms
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- MITRE ATLAS Techniques
- None mapped
- Classification Reason
- Open-WebUI is a web-based platform/UI for interacting with LLMs (e.g., via Ollama), with the vulnerability in the 'download_model' endpoint confirming its role in AI model handling and deployment.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Arbitrary file write via path manipulation in the download_model endpoint of the web application enables ingress tool transfer (downloading attacker-controlled content to arbitrary paths) and exploitation of a public-facing application for RCE or DoS.