Platform: docker
Component: mudler/localai
Fixed in: 2.16.0
CVE-2024-5182 describes a path traversal vulnerability in localai versions up to 2.16.0. The flaw allows an attacker to delete arbitrary files on the system by supplying a crafted value in the model parameter of the model deletion operation. Successful exploitation can result in the loss of sensitive data and compromise of system integrity. The vulnerability has been addressed with the release of version 2.16.0.
The path traversal vulnerability in localai allows an attacker to bypass intended directory restrictions and delete files outside of the expected scope. By crafting a malicious request with a manipulated model parameter, an attacker can traverse the file system and target critical files, including configuration files, user data, or even system binaries. This could lead to complete system compromise, data exfiltration, or denial of service. The impact is particularly severe if the localai instance is deployed in a production environment or handles sensitive user data. The ability to delete arbitrary files represents a significant escalation of privileges.
CVE-2024-5182 was publicly disclosed on 2024-06-19. The vulnerability is present in the docker image for localai. No public proof-of-concept (PoC) code has been widely reported, but the ease of exploitation makes it a potential target for opportunistic attackers. The EPSS score is likely medium, given the relatively straightforward nature of the vulnerability and the potential for significant impact. It is not currently listed in the CISA KEV catalog.
Exploit Status
EPSS: 2.49% (85th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-5182 is to upgrade to localai version 2.16.0 or later, which includes the necessary input validation fixes. If upgrading immediately is not feasible, consider implementing temporary workarounds such as restricting access to the model deletion endpoint, implementing stricter file system permissions, or employing a Web Application Firewall (WAF) to filter malicious requests. Monitor system logs for suspicious activity related to file deletion attempts. After upgrading, confirm the fix by attempting to delete a file outside the intended directory using a crafted request; the operation should be denied.
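The fix class described above is input validation on the model parameter: the name a client supplies must resolve to a regular file inside the configured models directory before anything is removed. The following Go example, written for this page and not taken from LocalAI's own source, shows one way to implement that check. The helper names `safeModelPath` and `deleteModel`, the models directory (a constructed temporary directory) and the sample model file are all assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideModelsDir is returned when a model name would resolve outside
// the configured models directory.
var ErrOutsideModelsDir = errors.New("model name resolves outside the models directory")

// ErrNotModelFile is returned when the resolved path is not a regular file
// (directory, symlink, device); a delete endpoint should never touch those.
var ErrNotModelFile = errors.New("resolved path is not a regular model file")

// safeModelPath confines a user-supplied model name to modelsDir.
// Hypothetical helper for illustration, not LocalAI's own code.
func safeModelPath(modelsDir, name string) (string, error) {
	base, err := filepath.Abs(modelsDir)
	if err != nil {
		return "", err
	}
	// Empty names and absolute paths can never denote a file inside modelsDir.
	if name == "" || filepath.IsAbs(name) {
		return "", ErrOutsideModelsDir
	}
	// Join cleans the result, so "a/../../x" collapses to the parent of base.
	full := filepath.Join(base, name)
	rel, err := filepath.Rel(base, full)
	if err != nil {
		return "", ErrOutsideModelsDir
	}
	// "." is the directory itself; ".." or "../x" means the name escaped it.
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideModelsDir
	}
	return full, nil
}

// deleteModel removes a model file by name, refusing anything that is not a
// regular file under modelsDir. Lstat (not Stat) is used so a symlink inside
// the directory is detected and rejected instead of being treated as the file
// it points to.
func deleteModel(modelsDir, name string) error {
	full, err := safeModelPath(modelsDir, name)
	if err != nil {
		return err
	}
	info, err := os.Lstat(full)
	if err != nil {
		return err
	}
	if !info.Mode().IsRegular() {
		return ErrNotModelFile
	}
	return os.Remove(full)
}

func main() {
	// Constructed sample layout: a temporary models directory holding one file.
	dir, err := os.MkdirTemp("", "models")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	if err := os.WriteFile(filepath.Join(dir, "demo.gguf"), []byte("weights"), 0o600); err != nil {
		panic(err)
	}
	// The first name is legitimate; the rest are rejected before any I/O happens.
	for _, name := range []string{"demo.gguf", "../outside.bin", "/etc/hosts", "sub/../../x", "."} {
		fmt.Printf("%-16q -> %v\n", name, deleteModel(dir, name))
	}
}
```

The check rejects rather than sanitizes: a name that escapes the directory is refused outright instead of being rewritten, which keeps the behaviour predictable and easy to log. Resolving with `filepath.Rel` against an absolute base catches both literal `..` segments and names that only escape after cleaning, and the `Lstat` step keeps the endpoint from following a planted symlink or deleting a directory.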
Upgrade to mudler/localai version 2.16.0 or later. This version fixes the path traversal vulnerability. The upgrade can be performed by pulling the new Docker image or by updating the source code and rebuilding the application.
CVE-2024-5182 is a Path Traversal vulnerability in localai versions up to 2.16.0, allowing attackers to delete arbitrary files by manipulating the 'model' parameter.
You are affected if you are running localai version 2.16.0 or earlier. Upgrade to the latest version (2.16.0+) to mitigate the risk.
Upgrade to localai version 2.16.0 or later. As a temporary workaround, restrict access to the model deletion endpoint or implement a WAF.
While no widespread exploitation has been confirmed, the ease of exploitation makes it a potential target. Monitoring and patching are crucial.
Refer to the localai project's official channels (GitHub repository, website) for the latest security advisories and updates.