CVE-2024-39722

HIGH

Ollama < 0.1.46 - Path Traversal via API Push Route

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-39722. PoCs published by srcx404.

AI-analyzed exploit summary: The repository contains a Python script that scans for Ollama model existence disclosure (CVE-2024-39722) by checking version information and crawling model links. It does not include exploit code for active exploitation but focuses on detection and information gathering.

Description

An issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on which it is deployed via path traversal in the api/push route.

Exploits (1)

nomisec SCANNER
by srcx404 · poc
https://github.com/srcx404/CVE-2024-39722

Classification: Scanner 90%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Ollama versions <= 0.1.45
No auth needed
Prerequisites: Network access to the Ollama server · Ollama server running a vulnerable version
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.5
EPSS 0.0394
EPSS Percentile 89.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-22
Status published
Products (1)
ollama/ollama < 0.1.46
Published Oct 31, 2024
Tracked Since Feb 18, 2026