Denial of Service in open-webui/open-webui
Description
In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until the conversion is complete.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Open-WebUI 0.3.8 exposes an unauthenticated markdown-to-HTML endpoint; a crafted payload can cause excessive processing, leading to denial of service.
Vulnerability Analysis
CVE-2024-7983 affects Open-WebUI version 0.3.8, a self-hosted AI platform. The vulnerability resides in an endpoint that converts markdown to HTML and is exposed without any authentication [2]. Two weaknesses combine: the endpoint is reachable by anyone who can reach the server, and the server places no limit on the size or complexity of the markdown it accepts, nor on the time it will spend converting it.
Exploitation
An attacker can send a maliciously crafted markdown payload to the unauthenticated endpoint. The server will spend excessive time converting this payload, causing it to become unresponsive to other legitimate requests until the conversion is complete [2]. No authentication or special network position is required; the attacker only needs network access to the vulnerable server.
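A practitioner looking for this abuse in an existing deployment wants a quick pass over the access logs: repeated, slow, unauthenticated POSTs to the render route from one client are the signature the Exploitation paragraph describes. The following script is an added example and is not code from Open-WebUI or from the referenced reports; the route path, the log line format and the sample lines are assumptions constructed for the example.

```python
"""Spot abuse of an unauthenticated markdown-rendering route in access logs.

Added example; not part of Open-WebUI. The route path, the log format and the
sample lines below are assumptions constructed for this example.
"""
import re
from collections import defaultdict

MARKDOWN_ROUTE = "/api/v1/utils/markdown"  # assumed; the page does not name the route
SLOW_MS = 2000        # a single render slower than this is worth a look
MIN_SLOW_HITS = 2     # repeated slow renders from one client trigger an alert

# Assumed line shape: client, request line, status, handler time, and whether
# an Authorization header was present on the request.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3}) '
    r"(?P<ms>\d+)ms auth=(?P<auth>yes|no)$"
)

# Constructed sample log: one legitimate render, two very slow anonymous
# renders from the same client, unrelated traffic, and a junk line.
SAMPLE_LOG = """\
10.0.0.5 "POST /api/v1/utils/markdown" 200 12ms auth=yes
203.0.113.9 "POST /api/v1/utils/markdown" 200 8900ms auth=no
10.0.0.7 "GET /api/v1/chats/" 200 15ms auth=yes
203.0.113.9 "POST /api/v1/utils/markdown" 200 9400ms auth=no
198.51.100.2 "POST /api/v1/utils/markdown" 200 45ms auth=no
garbage line that should be skipped
"""


def parse_log(text: str) -> list[dict]:
    """Parse the assumed log format; lines that do not match are dropped."""
    records = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["status"] = int(d["status"])
        d["ms"] = int(d["ms"])
        d["auth"] = d["auth"] == "yes"
        records.append(d)
    return records


def summarize_route(records: list[dict], route: str = MARKDOWN_ROUTE) -> dict[str, dict]:
    """Per-client counters for POSTs to the render route only."""
    per_client = defaultdict(
        lambda: {"hits": 0, "unauth_hits": 0, "slow_hits": 0, "max_ms": 0}
    )
    for r in records:
        if r["method"] != "POST" or r["path"] != route:
            continue
        s = per_client[r["ip"]]
        s["hits"] += 1
        s["unauth_hits"] += 0 if r["auth"] else 1
        s["slow_hits"] += 1 if r["ms"] >= SLOW_MS else 0
        s["max_ms"] = max(s["max_ms"], r["ms"])
    return dict(per_client)


def find_abusers(summary: dict[str, dict], min_slow_hits: int = MIN_SLOW_HITS) -> list[str]:
    """Clients with repeated slow, unauthenticated renders, slowest first."""
    flagged = [
        ip for ip, s in summary.items()
        if s["unauth_hits"] and s["slow_hits"] >= min_slow_hits
    ]
    return sorted(flagged, key=lambda ip: summary[ip]["max_ms"], reverse=True)


if __name__ == "__main__":
    summary = summarize_route(parse_log(SAMPLE_LOG))
    for ip in find_abusers(summary):
        print(ip, summary[ip])
```

On a 0.3.8 instance every request to the route is anonymous, so the `auth` field only tells you whether the client bothered to send a token; the useful signal is the combination of repeated hits and render time. After the endpoint is put behind authentication, the same query should show anonymous requests failing fast with 401 rather than consuming seconds of server time.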
Impact
Successful exploitation results in a denial of service (DoS) condition. The server is unable to handle any other requests during the prolonged conversion, effectively taking the service offline for the duration of the attack. This can disrupt all users of the Open-WebUI instance.
Mitigation
The vulnerability exists in version 0.3.8. Users are advised to upgrade to a patched version if one is available, and otherwise to require authentication on the endpoint, apply rate limiting, and validate input, in particular by capping payload size and bounding the time the server will spend on a single conversion. As of the publication date, the vendor repository [1] may contain fixes; the vulnerable code is located in backend/apps/webui/routers/utils.py [3]. Additional details are available on the Huntr bug bounty platform [4].
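The Analysis and Mitigation sections above list the missing controls: authentication, a payload limit, rate limiting, and a bound on conversion time. The following gate shows all four in front of a renderer. It is an added example and not Open-WebUI's code; the token store, limits, request shape and the toy line-based renderer are assumptions made for the example. The toy renderer checks its deadline between lines so that the example runs stand-alone; an opaque third-party converter cannot be interrupted this way and would instead be run in a worker process that is terminated when the budget expires.

```python
"""Request gate for a markdown-to-HTML endpoint: authenticate, cap the body,
rate-limit per client, and bound the time spent rendering.

Added example; not Open-WebUI code. Limits, token store, request shape and the
toy renderer are assumptions for this example.
"""
import hmac
import time
from dataclasses import dataclass
from html import escape
from typing import Callable

MAX_BODY_BYTES = 64 * 1024          # assumed cap on a single render request
RENDER_BUDGET_S = 0.5               # assumed wall-clock budget per render
RATE_LIMIT = (10, 60.0)             # assumed: 10 renders per 60 s per client
VALID_TOKENS = {"tok-example-001"}  # constructed stand-in for a session store


class RejectedRequest(Exception):
    def __init__(self, status: int, reason: str) -> None:
        super().__init__(reason)
        self.status = status
        self.reason = reason


@dataclass
class Request:
    client_ip: str
    headers: dict
    body: bytes


class SlidingWindowLimiter:
    """Per-client sliding window: at most `limit` calls in any `window_s` span."""

    def __init__(self, limit: int, window_s: float) -> None:
        self.limit, self.window_s = limit, window_s
        self._hits: dict[str, list[float]] = {}

    def allow(self, key: str, now: float) -> bool:
        hits = [t for t in self._hits.get(key, []) if now - t < self.window_s]
        if len(hits) < self.limit:
            hits.append(now)
        self._hits[key] = hits
        return len(hits) <= self.limit and hits and hits[-1] == now


def render_markdown(text: str, deadline: float) -> str:
    """Toy renderer: '# ' headings and paragraphs, HTML-escaped, deadline-checked
    before every line so a huge or pathological input cannot run unbounded."""
    out = []
    for line in text.splitlines():
        if time.monotonic() > deadline:
            raise RejectedRequest(503, "render budget exceeded")
        if line.startswith("# "):
            out.append(f"<h1>{escape(line[2:])}</h1>")
        elif line.strip():
            out.append(f"<p>{escape(line)}</p>")
    return "\n".join(out)


def slow_renderer(text: str, deadline: float) -> str:
    """Stand-in for a converter that blows its budget; exercises the 503 path."""
    time.sleep(RENDER_BUDGET_S + 0.2)
    return render_markdown(text, deadline)


class MarkdownGate:
    def __init__(self, renderer: Callable[[str, float], str] = render_markdown) -> None:
        self.renderer = renderer
        self.limiter = SlidingWindowLimiter(*RATE_LIMIT)

    def _authenticate(self, headers: dict) -> None:
        auth = headers.get("Authorization", "")
        if not auth.startswith("Bearer "):
            raise RejectedRequest(401, "missing bearer token")
        token = auth[len("Bearer "):].encode()
        # Constant-time comparison so a prefix match does not leak via timing.
        if not any(hmac.compare_digest(token, t.encode()) for t in VALID_TOKENS):
            raise RejectedRequest(401, "invalid token")

    def handle(self, req: Request) -> str:
        self._authenticate(req.headers)  # reject anonymous callers before any work
        if len(req.body) > MAX_BODY_BYTES:
            raise RejectedRequest(413, "body too large")
        now = time.monotonic()
        if not self.limiter.allow(req.client_ip, now):
            raise RejectedRequest(429, "rate limit exceeded")
        text = req.body.decode("utf-8", errors="replace")
        return self.renderer(text, now + RENDER_BUDGET_S)


def try_request(gate: MarkdownGate, req: Request) -> tuple[int, str]:
    """Return (200, html) on success or (status, reason) when the gate rejects."""
    try:
        return 200, gate.handle(req)
    except RejectedRequest as e:
        return e.status, e.reason


if __name__ == "__main__":
    gate = MarkdownGate()
    ok = Request("10.0.0.5", {"Authorization": "Bearer tok-example-001"}, b"# Hi\n\nhello <b>")
    print(try_request(gate, ok))
    print(try_request(gate, Request("203.0.113.9", {}, b"# anonymous")))
```

Order matters: the authentication check runs before the body is touched, so an anonymous client cannot make the server do any rendering work at all, and the size cap runs before rate accounting so oversized bodies are dropped cheaply. The budget check turns a slow conversion into a fast 503 for that one client instead of a stall for everyone.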
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| open-webui (PyPI) | <= 0.3.8 | — |
Affected products
- Range: =0.3.8
- open-webui/open-webui/open-webui v5, Range: unspecified
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.