CVE-2024-7053
📋 TL;DR
This vulnerability allows an attacker with a user-level account to perform a session fixation attack in open-webui/open-webui version 0.3.8. By embedding a malicious markdown image in a chat, an attacker can steal an administrator's session cookie when the administrator views that chat, potentially leading to account takeover and remote code execution. All users of the affected version are vulnerable.
💻 Affected Systems
- open-webui/open-webui
📦 What is this software?
Open Webui by Openwebui
⚠️ Risk & Real-World Impact
Worst Case
Administrator account takeover leading to remote code execution, full system compromise, and data exfiltration.
Likely Case
Administrator account takeover allowing unauthorized access to sensitive data and system configuration.
If Mitigated
Limited impact with proper session management and network segmentation in place.
🎯 Exploit Status
Exploitation requires a user-level account but relies on a simple markdown injection technique.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 0.3.8
Vendor Advisory: https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2
Restart Required: Yes
Instructions:
1. Update open-webui to the latest version.
2. Restart the application.
3. Verify that session cookies now carry the Secure flag and proper SameSite settings.
🔧 Temporary Workarounds
Configure secure session cookies
Applies to: all
Manually configure session cookies with the Secure flag and SameSite=Strict
Modify the application configuration to set session.cookie.secure=true and session.cookie.samesite=strict
Disable markdown image rendering
Applies to: all
Temporarily disable markdown image rendering in chat functionality
Modify application settings to disable markdown image parsing
🧯 If You Can't Patch
- Implement strict Content Security Policy (CSP) to prevent external image loading
- Use reverse proxy to add Secure flag to session cookies and enforce HTTPS
🔍 How to Verify
Check if Vulnerable:
Check whether you are running open-webui version 0.3.8, and inspect the session cookie for a missing Secure flag and a SameSite=Lax setting.
Check Version:
Check application version in web interface or configuration files
Verify Fix Applied:
Verify session cookies now have Secure flag and SameSite=Strict setting, and test markdown image functionality.
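The cookie inspection described above can be scripted. The following is an added example, not part of this advisory or of open-webui's own code: it parses a Set-Cookie header value and reports whether the Secure flag and SameSite=Strict are present. It also reports a missing HttpOnly flag, which the advisory does not mention but which is the standard third attribute checked when hardening a session cookie. The optional fetch helper simply issues one GET and returns every Set-Cookie header; which endpoint actually sets the session cookie (a login endpoint in most deployments) is an assumption you have to supply, as is the cookie name you look for.

```python
"""Audit the attributes of a Set-Cookie header against the advisory's expectations.

Added example for this advisory; not open-webui project code.
"""
import sys
from typing import Dict, List
from urllib.request import Request, urlopen


def parse_set_cookie(header: str) -> Dict[str, object]:
    """Parse a single Set-Cookie header value into its name, value and attributes.

    A hand-written parser is used so that the flag handling is explicit:
    'Secure' and 'HttpOnly' are bare flags, 'SameSite' carries a value.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie: Dict[str, object] = {
        "name": name.strip(),
        "value": value.strip(),
        "secure": False,
        "httponly": False,
        "samesite": None,
    }
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "secure":
            cookie["secure"] = True
        elif key == "httponly":
            cookie["httponly"] = True
        elif key == "samesite":
            cookie["samesite"] = val.strip().lower() or None
    return cookie


def audit_cookie(header: str) -> List[str]:
    """Return a list of findings; an empty list means the cookie meets the advisory's bar."""
    cookie = parse_set_cookie(header)
    findings: List[str] = []
    if not cookie["secure"]:
        findings.append("missing Secure flag")
    if cookie["samesite"] != "strict":
        findings.append(
            "SameSite is %s, expected Strict" % (cookie["samesite"] or "unset")
        )
    if not cookie["httponly"]:
        findings.append("missing HttpOnly flag")
    return findings


def fetch_set_cookie_headers(url: str) -> List[str]:
    """Issue one GET against url and return every Set-Cookie header value.

    Assumption: the endpoint you pass is one that actually sets the session
    cookie; for most deployments that is a login endpoint, not the front page.
    """
    with urlopen(Request(url, method="GET")) as resp:
        return resp.headers.get_all("Set-Cookie") or []


if __name__ == "__main__":
    # Constructed sample headers, one in the weak shape the advisory describes
    # (SameSite=Lax, no Secure flag) and one in the hardened shape.
    samples = [
        "token=abc; Path=/; SameSite=Lax",
        "token=abc; Path=/; HttpOnly; Secure; SameSite=Strict",
    ]
    if len(sys.argv) > 1:  # optional: audit a live response instead
        samples = fetch_set_cookie_headers(sys.argv[1])
    for header in samples:
        print(header)
        for finding in audit_cookie(header) or ["ok"]:
            print("   -", finding)
```

Run it with no arguments to see the two constructed headers audited; pass a URL to audit whatever Set-Cookie headers that response carries. If a reverse proxy adds the Secure flag, as the "If You Can't Patch" section suggests, audit through the proxy, not against the application port, or you will test the wrong hop.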
📡 Detection & Monitoring
Log Indicators:
- Unusual markdown image URLs in chat logs
- Multiple session creations from same user
- Administrator account login from unusual locations
Network Indicators:
- HTTP requests to external domains with session cookies
- Image requests to suspicious domains from admin sessions
SIEM Query:
source=web_logs url=*markdown* AND (referer=*admin* OR user=admin) AND dest_ip NOT IN internal_ips
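The first log indicator above, unusual markdown image URLs in chat content, can be hunted for directly in stored chats. The following is an added example, not part of this advisory or of open-webui's own code: it extracts markdown and HTML image references from chat messages and flags those that point at a host outside an allowlist, plus those that reference the application's own host over plain http, since the advisory ties the weakness to a session cookie that lacks the Secure flag. The allowed-host set, the message records and the file path in them are constructed for the example; in a real hunt you would feed it rows exported from the chat store.

```python
"""Scan chat content for image references that warrant a look.

Added example for this advisory; not open-webui project code.
"""
import re
from typing import Dict, List, Optional, Set
from urllib.parse import urlparse

# Markdown image syntax: ![alt](url "title") -- capture the url only.
MD_IMAGE = re.compile(r"!\[[^\]]*\]\(\s*<?([^\s)>]+)")
# Raw HTML image tags, in case the renderer accepts them.
HTML_IMG = re.compile(r"<img\b[^>]*?\bsrc\s*=\s*['\"]?([^'\"\s>]+)", re.IGNORECASE)


def extract_image_urls(content: str) -> List[str]:
    """Return every image URL found in markdown or HTML form."""
    return MD_IMAGE.findall(content) + HTML_IMG.findall(content)


def classify_url(url: str, allowed_hosts: Set[str]) -> Optional[str]:
    """Return a reason string when the URL is worth flagging, else None."""
    parsed = urlparse(url)
    if parsed.scheme == "data":
        return None  # inline data: URIs never cause a network request
    if not parsed.scheme and not parsed.netloc:
        return None  # relative path, served by the application itself
    host = (parsed.hostname or "").lower()
    if host not in allowed_hosts:
        return "external host %s" % host
    if parsed.scheme == "http":
        return "cleartext http to allowed host"
    return None


def scan_messages(messages: List[Dict[str, str]], allowed_hosts: Set[str]) -> List[Dict[str, str]]:
    """Walk message records and collect flagged image references."""
    findings: List[Dict[str, str]] = []
    for msg in messages:
        for url in extract_image_urls(msg["content"]):
            reason = classify_url(url, allowed_hosts)
            if reason:
                findings.append(
                    {"chat_id": msg["chat_id"], "user": msg["user"], "url": url, "reason": reason}
                )
    return findings


# Constructed sample data: the host name, users and file path are invented.
ALLOWED_HOSTS = {"webui.internal.example"}
SAMPLE_MESSAGES = [
    {"chat_id": "c1", "user": "alice",
     "content": "Here is the diagram: ![arch](/api/v1/files/abc123/content)"},
    {"chat_id": "c2", "user": "mallory",
     "content": "look ![x](http://203.0.113.10/pixel.png)"},
    {"chat_id": "c3", "user": "mallory",
     "content": '<img src="http://webui.internal.example/nope.png">'},
    {"chat_id": "c4", "user": "bob",
     "content": "data uri ![d](data:image/png;base64,iVBORw0KGgo=)"},
]


if __name__ == "__main__":
    for finding in scan_messages(SAMPLE_MESSAGES, ALLOWED_HOSTS):
        print("%(chat_id)s %(user)s %(reason)s: %(url)s" % finding)
```

The two findings on the sample data are the external host and the plain-http reference to the application's own host; the relative file path and the data: URI are left alone. The output is deliberately keyed by user and chat so it can be joined against the other indicators above (session creations, administrator logins) in the SIEM.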