Platform: python
Component: open-webui
Fixed in: 0.3.9
CVE-2024-7959 describes a Server-Side Request Forgery (SSRF) vulnerability found in open-webui, a Python-based web UI, versions up to 0.3.8. This flaw allows attackers to redirect requests through the /openai/models endpoint, potentially exposing internal resources and leading to command execution. The vulnerability was published on 2025-03-20, and mitigation involves upgrading to a patched version or implementing temporary workarounds.
The SSRF vulnerability in open-webui allows an attacker to control the URL used by the /openai/models endpoint. By manipulating this URL, an attacker can force the application to make requests to arbitrary internal or external resources. This could expose sensitive data stored within the internal network, such as database credentials or API keys. More critically, an attacker could potentially access instance secrets, leading to command execution on the server hosting open-webui. This represents a significant escalation of risk, potentially allowing for complete system compromise. The ability to redirect requests to internal services without proper validation makes this a particularly dangerous vulnerability.
CVE-2024-7959 is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely known at this time. The vulnerability's severity is considered HIGH due to the potential for command execution. The published date of 2025-03-20 indicates recent disclosure, and active exploitation is possible, though not confirmed.
Organizations deploying open-webui, particularly those using it to interact with OpenAI services, are at risk. Environments with weak network segmentation or exposed internal services are especially vulnerable. Users relying on open-webui for sensitive tasks or data processing should prioritize mitigation.
• python / server:
    import urllib3

    # Probe request as given on the page: the url query parameter points the
    # /openai/models endpoint at the cloud metadata service. Run it against a
    # patched or WAF-protected instance to confirm such destinations are blocked.
    http = urllib3.PoolManager()
    try:
        response = http.request(
            'GET',
            'http://localhost:7860/openai/models?url=http://169.254.169.254/latest/meta-data/iam/security-credentials/admin',
        )
        print(response.status)
    except Exception as e:
        print(f"Error: {e}")
• linux / server:
    journalctl -u open-webui -g "openai/models"
• generic web:
    curl -I 'http://<open-webui-ip>/openai/models?url=http://169.254.169.254/latest/meta-data/iam/security-credentials/admin'
EPSS: 0.36% (58th percentile)
The primary mitigation for CVE-2024-7959 is to upgrade open-webui to a version that addresses the SSRF vulnerability. A fixed version is not explicitly mentioned in the provided data; the metadata at the top of this page lists 0.3.9. As a temporary workaround, implement a Web Application Firewall (WAF) rule so that the /openai/models endpoint can only send requests to trusted OpenAI domains. Additionally, review and restrict access to any internal services that this vulnerability could expose. Consider stricter network segmentation to limit the blast radius of a potential compromise. After upgrading (or deploying the WAF rule), verify the mitigation by attempting to reach an internal resource through the /openai/models endpoint; the request should be blocked or redirected to the intended OpenAI domain.
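One way to implement the destination restriction the workaround describes, as an added example that is not open-webui's own code: an allowlist check for the user-supplied URL that also rejects destinations resolving to non-public addresses such as the 169.254.169.254 metadata address. The allowed host, the port and the injectable `resolver` parameter are assumptions of this example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumed allowlist of upstream hosts the /openai/models endpoint may contact.
ALLOWED_HOSTS = {"api.openai.com"}
ALLOWED_PORT = 443


def is_public_address(addr):
    """True only for globally routable IPs; rejects loopback, RFC 1918 and
    link-local ranges (which include 169.254.169.254)."""
    return ipaddress.ip_address(addr).is_global


def validate_upstream_url(url, resolver=socket.getaddrinfo):
    """Return (ok, reason). Requires https, an allowlisted host, the expected
    port, no embedded credentials, and only public resolved addresses.
    `resolver` is injectable (an assumption of this example) for offline tests."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, "scheme must be https"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in ALLOWED_HOSTS:
        return False, f"host {host!r} not in allowlist"
    try:
        port = parts.port
    except ValueError:
        return False, "malformed port"
    if port not in (None, ALLOWED_PORT):
        return False, f"port {port} not allowed"
    try:
        infos = resolver(host, ALLOWED_PORT, proto=socket.IPPROTO_TCP)
    except OSError as exc:
        return False, f"resolution failed: {exc}"
    for info in infos:
        addr = info[4][0]
        if not is_public_address(addr):
            return False, f"{host} resolves to non-public {addr}"
    # Caveat: to defeat DNS rebinding, connect to one of the addresses checked
    # here instead of letting the HTTP client resolve the name a second time.
    return True, "ok"
```

Call validate_upstream_url() on the value of the url parameter before the endpoint issues any request; with the default resolver it performs a live DNS lookup, so tests should pass a stub resolver.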
Update open-webui to a version after 0.3.8 that fixes the SSRF vulnerability. See the release notes or changelog for remediation details. As a temporary measure, restrict access to the instance and monitor outbound requests.
CVE-2024-7959 is a Server-Side Request Forgery vulnerability in open-webui versions up to 0.3.8, allowing attackers to redirect requests and potentially gain command execution.
You are affected if you are using open-webui version 0.3.8 or earlier. Assess your deployment and implement mitigation strategies immediately.
Upgrade to a patched version of open-webui. If a patch is unavailable, implement a WAF rule to restrict outbound requests from the /openai/models endpoint.
Active exploitation is not confirmed, but the vulnerability's severity suggests it is a potential target for attackers.
Refer to the open-webui project's official repository and communication channels for updates and advisories related to CVE-2024-7959.