CVE-2024-2029

2024-04-1017:15:53

CWE-78

@huntr_ai

web.nvd.nist.gov

command injection vulnerability

transcriptendpoint

mudler/localai

audiotowav

arbitrary commands

unauthorized access

data breaches

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

Percentile

9.6%

JSON

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing them to ffmpeg via a shell command, allowing an attacker to execute arbitrary commands on the host system. Successful exploitation could lead to unauthorized access, data breaches, or other detrimental impacts, depending on the privileges of the process executing the code.

Affected configurations

Vulners

Vulnrichment

Node

mudlerlocalaiRange<2.10.0

VendorProductVersionCPE
mudlerlocalai*cpe:2.3:a:mudler:localai:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mudler	localai	*	cpe:2.3:a:mudler:localai::::::::

CNA Affected

[
  {
    "vendor": "mudler",
    "product": "mudler/localai",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "v2.10.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]