CVE-2024-7959 Information
Mar 21, 2025
cve
Description
The /openai/models endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets.
Reference
https://huntr.com/bounties/3c8bea0a-d678-4d67-bb9c-2b5b610a2193