Platform: python
Component: vertaai-modeldb
CVE-2024-1961 is a Remote Code Execution (RCE) vulnerability affecting the vertaai/modeldb Python component. This vulnerability stems from inadequate sanitization of user-supplied file paths within the file upload functionality, enabling attackers to write arbitrary files. Affected versions include all versions up to the latest release. A fix is available; upgrading is the recommended remediation.
An attacker can exploit this vulnerability to achieve Remote Code Execution (RCE) on systems running vertaai/modeldb. By manipulating the 'artifact_path' parameter during file uploads, an attacker can overwrite critical files within the file system. This is particularly concerning when the application is deployed outside of Docker containers, as it allows for broader system compromise. Successful exploitation could lead to complete system takeover, data exfiltration, and further lateral movement within the network. The ability to overwrite configuration files presents a significant risk, as attackers can modify application behavior to suit their malicious purposes.
CVE-2024-1961 was publicly disclosed on April 16, 2024. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's nature makes it likely that a PoC will emerge. The vulnerability's ease of exploitation and potential for RCE suggest a medium probability of exploitation, although it has not yet been added to the CISA KEV catalog.
Exploit Status
EPSS: 4.97% (90th percentile)
The primary mitigation for CVE-2024-1961 is to upgrade to a patched version of vertaai/modeldb as soon as it becomes available. Until a patch is applied, consider implementing strict file access controls to limit write permissions for the application user. Implement robust input validation and sanitization routines to prevent path traversal attacks. Consider using a Web Application Firewall (WAF) with rules to block requests containing suspicious file paths. Monitor file system activity for unexpected file creations or modifications.
Upgrade vertaai/modeldb to the latest available version. Ensure the application runs inside a Docker container with appropriate security settings to mitigate the risk of arbitrary file writes. Review and harden the application's configuration to prevent critical files from being overwritten.
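One way to implement the input validation recommended above, as an added example (not code from vertaai/modeldb or from this advisory): the upload handler resolves the client-supplied `artifact_path` under a fixed storage root and refuses anything that lands outside it. The root directory, function names and exception class are hypothetical.

```python
import os
from pathlib import Path

# Hypothetical storage root for uploaded artifacts (an assumption, not from the advisory).
ARTIFACT_ROOT = Path("/var/lib/modeldb/artifacts")


class UnsafeArtifactPath(ValueError):
    """A client-supplied artifact_path would land outside the storage root."""


def resolve_artifact_path(artifact_path: str, root: Path = ARTIFACT_ROOT) -> Path:
    """Return the on-disk location for artifact_path, guaranteed to be inside root."""
    if not artifact_path or "\x00" in artifact_path:
        raise UnsafeArtifactPath("empty path or embedded NUL byte")
    # Treat backslashes as separators so Windows-style input gets the same checks.
    candidate = artifact_path.replace("\\", "/")
    # Reject absolute paths and anything that looks like a drive letter (conservative).
    if candidate.startswith("/") or candidate[1:2] == ":":
        raise UnsafeArtifactPath("absolute paths are not accepted")
    parts = [p for p in candidate.split("/") if p not in ("", ".")]
    # Stricter than necessary: any ".." component is refused rather than normalised.
    if not parts or ".." in parts:
        raise UnsafeArtifactPath("parent-directory components are not accepted")
    root_real = os.path.realpath(root)
    # realpath follows symlinks that already exist under root, so a link that
    # points elsewhere cannot redirect the write.
    target = os.path.realpath(os.path.join(root_real, *parts))
    if os.path.commonpath([root_real, target]) != root_real:
        raise UnsafeArtifactPath("resolved path escapes the artifact root")
    return Path(target)


def is_safe(artifact_path: str, root: Path = ARTIFACT_ROOT) -> bool:
    """Convenience wrapper for logging or pre-flight checks."""
    try:
        resolve_artifact_path(artifact_path, root)
    except UnsafeArtifactPath:
        return False
    return True
```

Call `resolve_artifact_path` immediately before opening the destination file, and keep the service account's write access limited to the storage root so a validation miss is still contained.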
CVE-2024-1961 is a Remote Code Execution vulnerability in vertaai/modeldb caused by improper file path sanitization, allowing attackers to write arbitrary files and potentially gain control of the system.
If you are using vertaai/modeldb versions up to the latest, you are potentially affected. Check your version and upgrade as soon as a patch is available.
The recommended fix is to upgrade to a patched version of vertaai/modeldb. Until then, implement strict file access controls and input validation.
While no active exploitation has been confirmed, the vulnerability's nature suggests a potential for exploitation, and monitoring is advised.
Refer to the vertaai/modeldb project's repository or official communication channels for the latest advisory and patch information.