Platform: python
Component: rasa
Fixed in: 3.6.22
CVE-2024-49375 describes a Remote Code Execution (RCE) vulnerability within the Rasa open-source machine learning framework. An attacker can achieve RCE by remotely loading a maliciously crafted model into a Rasa instance. This vulnerability affects versions of Rasa up to and including 3.6.21, and a patch is available in version 3.6.21.
Successful exploitation of CVE-2024-49375 allows an attacker to execute arbitrary code on the Rasa server with the privileges of the Rasa process. This could lead to complete system compromise, data exfiltration, or denial of service. Exploitation requires the HTTP API to be enabled (with --enable-api). In the unauthenticated case, the only further prerequisite is the absence of security controls on that API; in the authenticated case, the attacker additionally needs a valid authentication token.
CVE-2024-49375 was published on 2025-01-14. The vulnerability's severity is rated as CRITICAL (CVSS 9.1). Public proof-of-concept exploits are currently unknown, but the ease of exploitation given the prerequisites suggests a potential for rapid exploitation if widely publicized. It is not currently listed on CISA KEV.
Exploit Status
EPSS: 3.29% (87th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2024-49375 is to upgrade Rasa to version 3.6.21 or later. If upgrading is not immediately feasible, disable the HTTP API by not using the --enable-api flag during Rasa server startup. Implement robust authentication and authorization mechanisms to restrict access to the API. Monitor Rasa server logs for suspicious activity, particularly related to model loading and API requests. Consider using a Web Application Firewall (WAF) to filter malicious requests.
Upgrade Rasa to version 3.6.21 or higher. If you cannot upgrade, ensure that you enable authentication and restrict access to trusted users only. Disable the HTTP API if it is not required.
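The mitigation conditions above (affected version, HTTP API enabled with --enable-api, no authentication on the API) can be checked mechanically. The following audit helper is an added example written for this page; it is not Rasa code and not part of the advisory. It reads the rasa pin from a requirements.txt body and the flags from the server launch command. The `--auth-token` and `--jwt-secret` flags are taken from Rasa's `rasa run` CLI as I know it, not from the advisory text; the fixed version constant comes from the page's "Fixed in" field.

```python
"""Audit helper added for this advisory; it is not Rasa code and not part of the
page. It encodes the conditions the advisory names: an affected rasa version,
the HTTP API turned on with --enable-api, and no authentication on that API.
--auth-token and --jwt-secret are taken from Rasa's `rasa run` CLI (assumed
here, not quoted from the advisory)."""
from __future__ import annotations

import re
import shlex
from dataclasses import dataclass, field

# The page's "Fixed in" field; the last affected release it names is 3.6.21.
FIXED_VERSION = (3, 6, 22)
AUTH_FLAGS = ("--auth-token", "--jwt-secret")


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '3.6.21', 'rasa==3.6.21' or '3.6.21rc1' into a comparable tuple.

    Pre-release suffixes are dropped, so a release candidate of the fixed
    version compares as fixed; treat RC builds with care."""
    m = re.search(r"(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def pinned_rasa_version(requirements: str) -> tuple[int, ...] | None:
    """Return the rasa version pinned with '==' in a requirements.txt body."""
    for raw in requirements.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        m = re.match(r"^rasa\s*==\s*([\w.]+)$", line, re.IGNORECASE)
        if m:
            return parse_version(m.group(1))
    return None


@dataclass
class Finding:
    vulnerable_version: bool
    api_enabled: bool
    auth_configured: bool
    notes: list[str] = field(default_factory=list)

    @property
    def exposed(self) -> bool:
        """True when unauthenticated remote model loading is reachable."""
        return self.vulnerable_version and self.api_enabled and not self.auth_configured


def audit(version: tuple[int, ...], command_line: str) -> Finding:
    """Evaluate one Rasa server launch command against the advisory's conditions."""
    args = shlex.split(command_line)
    api_enabled = "--enable-api" in args
    # Accept both '--auth-token X' and '--auth-token=X' spellings.
    auth_configured = any(
        a == flag or a.startswith(flag + "=") for a in args for flag in AUTH_FLAGS
    )
    vulnerable = version < FIXED_VERSION
    finding = Finding(vulnerable, api_enabled, auth_configured)
    if vulnerable:
        finding.notes.append("affected rasa version: upgrade to %s or later"
                             % ".".join(map(str, FIXED_VERSION)))
    if not api_enabled:
        finding.notes.append("HTTP API not enabled: remote model loading is not reachable")
    elif not auth_configured:
        finding.notes.append("HTTP API enabled without --auth-token/--jwt-secret: "
                             "disable it or require authentication")
    return finding


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real deployment.
    sample_requirements = "sanic==21.12.2\nrasa==3.6.21  # chatbot runtime\n"
    sample_cmd = "rasa run --enable-api --port 5005 --cors '*'"
    ver = pinned_rasa_version(sample_requirements)
    assert ver is not None, "rasa is not pinned in the sample requirements"
    result = audit(ver, sample_cmd)
    print("exposed:", result.exposed)
    for note in result.notes:
        print(" -", note)
```

The `exposed` property is the unauthenticated case from the advisory; a deployment with a token configured still reports `vulnerable_version` so the upgrade note is not lost, since the authenticated path remains exploitable by anyone holding a valid token.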
CVE-2024-49375 is a CRITICAL RCE vulnerability in Rasa versions up to 3.6.21. An attacker can execute arbitrary code by loading a malicious model via the HTTP API if it's enabled and not properly secured.
You are affected if you are using Rasa versions 3.6.21 or earlier and have the HTTP API enabled. Check your Rasa version and API configuration immediately.
Upgrade to Rasa version 3.6.21 or later. If upgrading is not possible, disable the HTTP API and implement strong authentication.
There are currently no confirmed reports of active exploitation, but the vulnerability's severity and ease of exploitation suggest a potential for future attacks.
Refer to the official Rasa security advisory on their website for detailed information and updates: [https://rasa.com/docs/rasa/security/](https://rasa.com/docs/rasa/security/)