CVE-2024-2029
CRITICAL: mudler/localai < 2.10.0 - OS Command Injection via TranscriptEndpoint audioToWav Function
Title source: llmDescription
A command injection vulnerability exists in the `TranscriptEndpoint` of mudler/localai, specifically within the `audioToWav` function that converts uploaded audio files to WAV format for transcription. The vulnerability arises because user-supplied filenames are not sanitized before being interpolated into a shell command that invokes ffmpeg, allowing an attacker to execute arbitrary commands on the host system. Successful exploitation could lead to unauthorized access, data breaches, or other detrimental impacts, depending on the privileges of the process executing the code.
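The pattern behind this class of bug is a filename spliced into a shell string; the fix is to validate the name and pass it to ffmpeg as a single argv element so no shell is involved. The following is an added illustration, not LocalAI's own code: the upload directory, the ffmpeg flags and the function names `ValidateAudioName` and `BuildWavCommand` are assumptions for the example.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"path/filepath"
	"regexp"
)

// Assumed upload directory; LocalAI's real layout is not given on the page.
const uploadDir = "/tmp/localai-uploads"

// safeName accepts only a bare file name built from conservative characters.
// Path separators, whitespace and shell metacharacters never match.
var safeName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$`)

// ValidateAudioName returns an error unless name is a plain, safe file name.
func ValidateAudioName(name string) error {
	if !safeName.MatchString(name) {
		return fmt.Errorf("rejecting unsafe audio file name %q", name)
	}
	if filepath.Base(name) != name { // defense in depth against path components
		return errors.New("audio file name must not contain path components")
	}
	return nil
}

// BuildWavCommand returns the ffmpeg invocation as an argv vector. The weak
// pattern the advisory describes builds one string ("ffmpeg -i <name> ...")
// and hands it to a shell; here the file name is its own argv element, so
// metacharacters inside it cannot alter the command that runs.
func BuildWavCommand(name string) (*exec.Cmd, error) {
	if err := ValidateAudioName(name); err != nil {
		return nil, err
	}
	src := filepath.Join(uploadDir, name)
	dst := src + ".wav"
	// Constructed flags: 16 kHz mono PCM, a common transcription input format.
	return exec.Command("ffmpeg", "-y", "-i", src, "-ar", "16000", "-ac", "1", dst), nil
}

func main() {
	for _, n := range []string{"clip.mp3", "clip.mp3; id", "../etc/passwd"} {
		if cmd, err := BuildWavCommand(n); err != nil {
			fmt.Println("rejected:", err)
		} else {
			fmt.Println("argv:", cmd.Args) // only the first name reaches here
		}
	}
}
```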
References
Exploit, Third Party Advisory: https://huntr.com/bounties/e092528a-ce3b-4e66-9b98-3f56d6b276b0
Scores
CVSS v3
9.8
EPSS
0.0288
EPSS Percentile
85.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (2)
go-skynet/LocalAI
0 - 2.10.0 (Go)
mudler/localai
< 2.10.0
Published
Apr 10, 2024
Tracked Since
Feb 18, 2026