CVE-2024-37032

HIGH EXPLOITED NUCLEI

ollama < 0.1.34 - Path Traversal via Model Path Digest Validation Bypass

Exploitation Summary

CVE-2024-37032 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 5 public exploits, among them work from researchers Bi0x, pankass, and itzSh4dowxZ and a Metasploit module (exploits/linux/http/ollama_rce_cve_2024_37032). A Nuclei detection template is also available.

Description

Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.
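
The missing check described above, as an added Go example (not Ollama's own code and not taken from any listed repository). The function names, the /data/blobs directory and the accepted ':' or '-' separator are assumptions; the inputs are constructed to mirror the cases the description lists.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// Format named in the description: sha256 followed by exactly 64 hex digits.
// Accepting ':' or '-' as the separator is an assumption of this sketch.
var digestRe = regexp.MustCompile(`^sha256[:-][0-9a-fA-F]{64}$`)

var ErrInvalidDigest = errors.New("invalid digest format")

// naiveBlobPath (hypothetical) joins the digest onto the blob directory with
// no format check; filepath.Join cleans "../" and the result leaves blobsDir.
func naiveBlobPath(blobsDir, digest string) string {
	return filepath.Join(blobsDir, strings.ReplaceAll(digest, ":", "-"))
}

// checkedBlobPath (hypothetical) rejects anything that is not a well-formed
// digest, then confirms the joined path is still inside blobsDir.
func checkedBlobPath(blobsDir, digest string) (string, error) {
	if !digestRe.MatchString(digest) {
		return "", ErrInvalidDigest
	}
	p := filepath.Join(blobsDir, strings.ReplaceAll(digest, ":", "-"))
	rel, err := filepath.Rel(blobsDir, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidDigest
	}
	return p, nil
}

func main() {
	hex64 := strings.Repeat("ab", 32)
	// Constructed inputs mirroring the cases the description lists.
	for _, d := range []string{"sha256:" + hex64, "sha256:" + hex64[:63],
		"sha256:" + hex64 + "0", "../sha256:" + hex64} {
		p, err := checkedBlobPath("/data/blobs", d)
		fmt.Printf("%-12.12s checked=%q err=%v naive=%q\n", d, p, err, naiveBlobPath("/data/blobs", d))
	}
}
```

Only the first input passes the check; for the "../" input the unchecked join resolves to a path outside the blob directory.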

Exploits (5)

nomisec WORKING POC 51 stars
by Bi0x · poc
https://github.com/Bi0x/CVE-2024-37032

This repository contains a functional exploit for CVE-2024-37032, demonstrating a path traversal vulnerability in Ollama via a rogue registry server. The PoC includes a server that serves malicious manifests and a client script to trigger the vulnerability.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Ollama version 0.1.33
No auth needed
Prerequisites: Access to a vulnerable Ollama instance · Ability to run a rogue registry server
devstral-2 · analyzed Feb 18, 2026

nomisec WORKING POC 8 stars
by pankass · poc
https://github.com/pankass/CVE-2024-37032_CVE-2024-45436

This repository contains a functional exploit for CVE-2024-37032 and CVE-2024-45436, targeting Ollama. The exploit leverages a path traversal vulnerability to upload a malicious shared object file, which is then executed to achieve remote code execution (RCE).

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ollama < 0.1.47
No auth needed
Prerequisites: Target running Ollama < 0.1.47 · Network access to the target · GCC installed on the attacker's machine
devstral-2 · analyzed Feb 18, 2026

github WORKING POC 6 stars
by itzSh4dowxZ · python · local
https://github.com/itzSh4dowxZ/CVE-2024-37032-PoC

This repository contains a functional proof-of-concept exploit for CVE-2024-37032, targeting the Ollama API. The exploit leverages a path traversal vulnerability to manipulate the `ld.so.preload` file, achieving privilege escalation via a preloaded shared library.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Ollama API
No auth needed
Prerequisites: Access to the target Ollama API · Ability to compile and transfer a shared library to the target system
devstral-2 · analyzed May 19, 2026

nomisec SCANNER 1 star
by ahboon · poc
https://github.com/ahboon/CVE-2024-37032-scanner

This repository contains a Python-based scanner that checks for vulnerable versions of Ollama by querying the /api/version endpoint and comparing the version against the patched version (0.1.34). It uses multithreading to scan an entire subnet for vulnerable instances.

Classification: Scanner 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Ollama < 0.1.34
No auth needed
Prerequisites: Network access to the target subnet · Ollama service exposed on port 11434
devstral-2 · analyzed Feb 18, 2026

metasploit WORKING POC EXCELLENT
ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ollama_rce_cve_2024_37032.rb

This Metasploit module exploits CVE-2024-37032, a path traversal vulnerability in Ollama before 0.1.34, by setting up a rogue OCI registry to serve malicious models that write arbitrary files (including a shared library and ld.so.preload) and achieve remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Ollama < 0.1.34
No auth needed
Prerequisites: Network access to Ollama API (default port 11434) · Target must pull models from attacker-controlled registry
devstral-2 · analyzed Feb 25, 2026

Nuclei Templates (1)

Ollama - Remote Code Execution
CRITICAL · VERIFIED · by kaks3c
Shodan: ollama

Scores

CVSS v3 8.8
EPSS 0.9367
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

VulnCheck KEV: 2024-08-22
CWE: CWE-22
Status: published
Products (2):
ollama/ollama < 0.1.34
ollama/ollama 0 - 0.1.34 (Go)
Published May 31, 2024
Tracked Since Feb 18, 2026