Login Sign Up

CVE-2021-41127

7.3 HIGH
Path Traversal

📋 TL;DR

CVE-2021-41127 is a path traversal vulnerability in Rasa's model loading functionality that allows attackers to overwrite or replace bot files by crafting malicious model.tar.gz archives. This affects Rasa instances that load untrusted model files, potentially compromising bot functionality and data integrity. Users of affected Rasa versions are vulnerable if they process model files from untrusted sources.

💻 Affected Systems

Products:
  • Rasa Open Source
Versions: Versions before 2.8.10
Operating Systems: All platforms running Rasa
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default model loading functionality; exploitation requires loading a malicious model file.

📦 What is this software?

Rasa by Rasa

View all CVEs affecting Rasa →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of Rasa instance through arbitrary file write leading to remote code execution, data corruption, or service disruption.

🟠

Likely Case

Bot file manipulation causing service degradation, data loss, or unauthorized configuration changes.

🟢

If Mitigated

Limited impact with proper access controls and trusted model sources only.

🌐 Internet-Facing: HIGH if model upload endpoints are exposed to untrusted users.
🏢 Internal Only: MEDIUM if internal users can upload models, LOW with strict access controls.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to upload or provide model files to the Rasa instance.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.8.10

Vendor Advisory: https://github.com/RasaHQ/rasa/security/advisories/GHSA-4365-fhm5-qcrx

Restart Required: Yes

Instructions:

1. Update Rasa using pip: 'pip install rasa==2.8.10' 2. Restart all Rasa services 3. Verify version with 'rasa --version'

🔧 Temporary Workarounds

Restrict model file sources

all

Only load model files from trusted, verified sources and implement strict access controls on model upload endpoints.

Implement file validation

all

Add validation checks for model files before processing, including path traversal detection.

🧯 If You Can't Patch

  • Implement strict access controls on CLI and API endpoints that accept model files
  • Only process model files from trusted, verified sources and implement file integrity checks

🔍 How to Verify

Check if Vulnerable:

Check Rasa version with 'rasa --version'. If version is below 2.8.10, system is vulnerable.

Check Version:

rasa --version

Verify Fix Applied:

Run 'rasa --version' and confirm version is 2.8.10 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Unusual model file loading patterns
  • File write operations outside expected bot directories
  • Errors in model loading process

Network Indicators:

  • Unexpected model file uploads to Rasa endpoints
  • Large or unusual file transfers to model endpoints

SIEM Query:

source="rasa" AND (event="model_load" OR event="file_write") AND path="*../*"

📊 Metadata

CVE ID: CVE-2021-41127
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
CWE: CWE-22
Published: October 21, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-41127, you might also want to check these:

CVE-2024-43955 10.0

CVE-2024-43955 is an unauthenticated path traversal vulnerability in the Droip WordPress plugin that...

Same vulnerability type (CWE-22)
CVE-2025-54261 10.0

This critical path traversal vulnerability in Adobe ColdFusion allows attackers to escape restricted...

Same vulnerability type (CWE-22)
CVE-2024-40628 10.0

This critical vulnerability in JumpServer allows attackers to read arbitrary files from the Celery c...

Same vulnerability type (CWE-22)