6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2024-7034

GHSA ID

GHSA-crh6-pj8c-xrhc

EPSS Score

0.71551%

CWE

CWE-22

Published

3/20/2025

Updated

3/21/2025

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-7034

CVE-2024-7034: Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

In open-webui version 0.3.8, the endpoint /models/upload is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of file_path = f"{UPLOAD_DIR}/{file.filename}" without proper input validation or sanitization. An attacker can exploit this by manipulating the file.filename parameter to include directory traversal sequences, causing the resulting file_path to escape the intended UPLOAD_DIR and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.

(GitHub Advisory)

6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2024-7034

GHSA ID

GHSA-crh6-pj8c-xrhc

EPSS Score

0.71551%

CWE

CWE-22

Published

3/20/2025

Updated

3/21/2025

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
open-webui	pip

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly identifies the pattern file_path = f"{UPLOAD_DIR}/{file.filename}" as the root cause. This code pattern would typically exist in the request handler function for the /models/upload endpoint. While exact function names and file paths aren't provided in the advisory, the described vulnerability pattern clearly indicates the file upload handling function associated with this endpoint is vulnerable due to: 1) Direct use of user-controlled filename without sanitization 2) Lack of path normalization 3) Absence of checks preventing directory traversal. The confidence is high because the code snippet provided in the advisory directly maps to common web framework file upload handler implementations.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In op*n-w**ui v*rsion *.*.*, t** *n*point `/mo**ls/uplo**` is vuln*r**l* to *r*itr*ry *il* writ* *u* to improp*r **n*lin* o* us*r-suppli** *il*n*m*s. T** vuln*r**ility *ris*s *rom t** us*** o* `*il*_p*t* = *"{UPLO**_*IR}/{*il*.*il*n*m*}"` wit*out pro

Reasoning

T** vuln*r**ility **s*ription *xpli*itly i**nti*i*s t** p*tt*rn `*il*_p*t* = *"{UPLO**_*IR}/{*il*.*il*n*m*}"` *s t** root **us*. T*is *o** p*tt*rn woul* typi**lly *xist in t** r*qu*st **n*l*r *un*tion *or t** /mo**ls/uplo** *n*point. W*il* *x**t *un*

6.5

Basic Information

Concerned about an active attack path?

CVE-2024-7034: Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI