Cyber Resilience

CVE-2024-7034

Severity: High
Public PoC: referenced
Published: 20 March 2025
Modified: 29 July 2025
CVSS Score (v3.1): 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0673 (91.5th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-7034 is a high-severity Path Traversal (CWE-22) vulnerability in Openwebui Open Webui. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 8.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-3 (Access Enforcement).

Deeper analysis

In open-webui version 0.3.8, the /models/upload endpoint is vulnerable to arbitrary file write via path traversal (CWE-22). The implementation sets file_path to the concatenation of UPLOAD_DIR and the unsanitized file.filename value, allowing directory traversal sequences supplied by the caller to escape the intended upload directory and target arbitrary locations on the filesystem.

An authenticated attacker with administrative privileges can reach the endpoint over the network and supply a malicious filename to overwrite system binaries, configuration files, or other sensitive data, which may enable remote command execution. The vulnerability carries a CVSS 3.1 score of 7.2.

The issue was reported in the referenced huntr.com bounty disclosure. The associated EPSS score remains at 0.0673 with no material increase observed.

Vulnerability details

In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of `file_path = f"{UPLOAD_DIR}/{file.filename}"` without proper input validation or sanitization. An attacker can exploit this by manipulating the `file.filename` parameter to include directory traversal sequences, causing the resulting `file_path` to escape the intended `UPLOAD_DIR` and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.
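The `file_path` construction quoted above, placed beside a hardened replacement and a small detection helper, as an added example that is not open-webui's code; the `UPLOAD_DIR` value and all function names are assumptions for illustration:

```python
import os
from pathlib import Path
from typing import Optional

# Assumed upload root for this example; the real deployment path is not
# stated in the advisory.
UPLOAD_DIR = "/var/lib/open-webui/uploads"


def vulnerable_upload_path(filename: str) -> str:
    """The pattern the advisory describes: the client-controlled filename is
    concatenated onto UPLOAD_DIR with no validation, so "../" sequences in
    it escape the upload directory."""
    return f"{UPLOAD_DIR}/{filename}"


def rejection_reason(filename: str) -> Optional[str]:
    """Return why a client-supplied filename is unacceptable, or None if it
    is a plain single path component. Rejecting outright (instead of
    silently stripping) lets the server log the attempt."""
    if not filename:
        return "empty filename"
    if "\x00" in filename:
        return "NUL byte in filename"
    if "/" in filename or "\\" in filename:
        return "path separator in filename"
    if filename in (".", ".."):
        return "reserved name"
    return None


def safe_upload_path(filename: str, upload_dir: str = UPLOAD_DIR) -> Path:
    """Hardened form of the file_path construction: validate the name, then
    resolve the result and confirm it still sits directly under upload_dir
    (defence in depth against symlinks already present in that directory)."""
    reason = rejection_reason(filename)
    if reason is not None:
        raise ValueError(reason)
    root = Path(upload_dir).resolve()
    candidate = (root / filename).resolve()
    if candidate.parent != root:
        raise ValueError("resolved path is not inside the upload directory")
    return candidate


def escapes_upload_dir(path: str, upload_dir: str = UPLOAD_DIR) -> bool:
    """Detection helper for reviewing request logs or audit trails: True if a
    naively built path normalises to a location outside upload_dir."""
    root = os.path.normpath(upload_dir)
    return os.path.commonpath([root, os.path.normpath(path)]) != root
```

Feeding the filenames recorded for `/models/upload` requests through `escapes_upload_dir` gives a quick retrospective check for attempts against an unpatched 0.3.8 instance.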

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1554 Compromise Host Software Binary (Persistence): Adversaries may modify host software binaries to establish persistent access to systems.

Why these techniques?

Directory traversal in /models/upload enables exploitation of a public-facing web application (T1190) for arbitrary file writes, allowing the overwrite of system binaries and configuration files to compromise host software (T1554), potentially leading to RCE.

CVEs Like This One

CVE-2026-44565 (same product: Openwebui Open Webui)
CVE-2024-7806 (same product: Openwebui Open Webui)
CVE-2024-7959 (same product: Openwebui Open Webui)
CVE-2024-8053 (same product: Openwebui Open Webui)
CVE-2026-44566 (same product: Openwebui Open Webui)
CVE-2024-7044 (same product: Openwebui Open Webui)
CVE-2026-45350 (same product: Openwebui Open Webui)
CVE-2026-34222 (same product: Openwebui Open Webui)
CVE-2024-7043 (same product: Openwebui Open Webui)
CVE-2026-44567 (same product: Openwebui Open Webui)

Affected Assets

Vendor: openwebui
Product: open webui
Version: 0.3.8

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): Directly requires validation of user-supplied filenames at the /models/upload endpoint to block directory traversal sequences like ../ and prevent arbitrary file writes.

AC-3 Access Enforcement (prevent): Enforces logical access controls limiting high-privilege users' write permissions to the intended UPLOAD_DIR, reducing the impact of path traversal overwrites.

File integrity monitoring (detect): Monitors and verifies the integrity of critical files and binaries to detect unauthorized modifications resulting from exploited directory traversal.

References