Medium

localai

SSRF and Partial LFI in /models/apply Endpoint

A vulnerability in the /models/apply endpoint of LocalAI version 2.15.0 allows server-side request forgery (SSRF) and partial local file inclusion (LFI). It was patched in version 2.17.

Available publicly on Jul 06 2024

CVSS Score: 5.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Credit: sev-hack

Remediation Steps
  • Update to LocalAI version 2.17 or later.
  • Implement network segmentation to limit access to the LocalAI instance.
  • Add authentication mechanisms to the LocalAI instance to restrict access.
  • Validate and sanitize input URLs to prevent SSRF and LFI attacks.
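As an added example (not LocalAI's own code and not the fix in the patch commit below), a Go validator for the source URL that a model-apply request supplies, implementing the last remediation step: it refuses schemes other than http(s) such as file:// (the LFI path) and hosts that resolve to loopback, private, link-local or unspecified addresses (the SSRF path). The function names and the assumption that the endpoint receives the model source as a URL string are mine.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
)

// resolveHost is a variable so offline tests can substitute a stub; production code uses net.LookupIP.
var resolveHost = net.LookupIP

// isDisallowedIP flags addresses inside the host or its network: loopback, RFC 1918/ULA private
// ranges, link-local (which includes the 169.254.169.254 cloud metadata address) and unspecified.
func isDisallowedIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsUnspecified()
}

// validateModelSourceURL admits only absolute http(s) URLs whose host resolves exclusively to
// public addresses. Other schemes such as file:// (the LFI path) and hosts that map to internal
// addresses (the SSRF path) are rejected. Every resolved address must pass, because a name may
// return a mix of public and internal records.
func validateModelSourceURL(raw string) error {
	u, err := url.Parse(raw) // url.Parse lower-cases the scheme for us
	if err != nil {
		return fmt.Errorf("unparseable url: %w", err)
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return fmt.Errorf("scheme %q not allowed, only http and https model sources are accepted", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return fmt.Errorf("url must contain a host")
	}
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil { // not an IP literal, so resolve the name
		if ips, err = resolveHost(host); err != nil {
			return fmt.Errorf("cannot resolve %q: %w", host, err)
		}
	}
	for _, ip := range ips {
		if isDisallowedIP(ip) {
			return fmt.Errorf("host %q resolves to disallowed address %s", host, ip)
		}
	}
	return nil
}

func main() {
	fmt.Println(validateModelSourceURL("file:///tmp/model.yaml"), validateModelSourceURL("http://127.0.0.1:8080/"))
}
```

Checking at request time still leaves a DNS rebinding window between validation and fetch; in production, make the download dial the addresses that passed this check (for example through a custom dialer) rather than resolving the name a second time.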
Patch Details
  • Fixed Version: 2.17
  • Patch Commit: https://github.com/mudler/LocalAI/commit/2fc6fe806b903ac0a70218b21b5c84443a1b0866