CVE-2024-45436

HIGH

Ollama < 0.1.47 - Path Traversal via ZIP Archive Extraction

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-45436. PoCs published by pankass and srcx404.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2024-45436, targeting Ollama. The exploit leverages a path traversal vulnerability to write a malicious shared object file to `/etc/ld.so.preload`, achieving remote code execution (RCE) when the target process loads the library.

Description

extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.

Exploits (2)

github WORKING POC 8 stars
by pankass · gopoc
https://github.com/pankass/CVE-2024-37032_CVE-2024-45436

Classification
Working PoC (95%)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Ollama (versions < 0.1.47)
No auth needed
Prerequisites: Target running vulnerable Ollama version · Network access to the Ollama API endpoint · GCC and Go installed on the attacker's machine
devstral-2 · analyzed Feb 19, 2026
nomisec WORKING POC 4 stars
by srcx404 · poc
https://github.com/srcx404/CVE-2024-45436

This repository contains a functional exploit for CVE-2024-45436, a path traversal vulnerability in Ollama versions prior to 0.1.47. The exploit leverages ZIP file extraction flaws to achieve remote code execution by writing malicious shared objects to critical system paths.

Classification
Working PoC (95%)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Ollama < 0.1.47
No auth needed
Prerequisites: Vulnerable Ollama instance · GCC for compiling shared object · Python 3.6+ with requests library
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 7.5
EPSS 0.2908
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-22
Status published
Products (2)
ollama/ollama < 0.1.47
ollama/ollama 0 - 0.1.47 (Go)
Published Aug 29, 2024
Tracked Since Feb 18, 2026