{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7773", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-08-13T20:28:18.382Z", "datePublished": "2025-03-20T10:09:13.433Z", "dateUpdated": "2025-03-20T13:52:25.401Z"}, "containers": {"cna": {"title": "Remote Code Execution via ZipSlip in ollama/ollama", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:13.433Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in ollama/ollama version 0.1.37 allows for remote code execution (RCE) due to improper input validation in the handling of zip files. The vulnerability, known as ZipSlip, occurs in the parseFromZipFile function in server/model.go. The code does not check for directory traversal sequences (../) in file names within the zip archive, allowing an attacker to write arbitrary files to the file system. This can be exploited to create files such as /etc/ld.so.preload and a malicious shared library, leading to RCE."}], "affected": [{"vendor": "ollama", "product": "ollama/ollama", "versions": [{"version": "unspecified", "lessThan": "0.4.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb"}, {"url": "https://github.com/ollama/ollama/commit/123a722a6f541e300bc8e34297ac378ebe23f527"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-20 Improper Input Validation", "cweId": "CWE-20"}]}], "source": {"advisory": "aeb82e05-484f-4431-9ede-25a3478d8dbb", "discovery": "EXTERNAL"}}, "adp": [{"references": [{"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-20T13:50:16.150072Z", "id": "CVE-2024-7773", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T13:52:25.401Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7773", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-20T13:50:16.150072Z"}}}], "references": [{"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T13:50:27.206Z"}}], "cna": {"title": "Remote Code Execution via ZipSlip in ollama/ollama", "source": {"advisory": "aeb82e05-484f-4431-9ede-25a3478d8dbb", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ollama", "product": "ollama/ollama", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.4.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb"}, {"url": "https://github.com/ollama/ollama/commit/123a722a6f541e300bc8e34297ac378ebe23f527"}], "descriptions": [{"lang": "en", "value": "A vulnerability in ollama/ollama version 0.1.37 allows for remote code execution (RCE) due to improper input validation in the handling of zip files. The vulnerability, known as ZipSlip, occurs in the parseFromZipFile function in server/model.go. The code does not check for directory traversal sequences (../) in file names within the zip archive, allowing an attacker to write arbitrary files to the file system. This can be exploited to create files such as /etc/ld.so.preload and a malicious shared library, leading to RCE."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:13.433Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7773", "state": "PUBLISHED", "dateUpdated": "2025-03-20T13:52:25.401Z", "dateReserved": "2024-08-13T20:28:18.382Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2025-03-20T10:09:13.433Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ollama:ollama:0.1.37:*:*:*:*:*:*:*", "matchCriteriaId": "D47A8C6D-889D-4DB7-97CB-2B8A657F7CAC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in ollama/ollama version 0.1.37 allows for remote code execution (RCE) due to improper input validation in the handling of zip files. The vulnerability, known as ZipSlip, occurs in the parseFromZipFile function in server/model.go. The code does not check for directory traversal sequences (../) in file names within the zip archive, allowing an attacker to write arbitrary files to the file system. This can be exploited to create files such as /etc/ld.so.preload and a malicious shared library, leading to RCE."}, {"lang": "es", "value": "Una vulnerabilidad en ollama/ollama versi\u00f3n 0.1.37 permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) debido a una validaci\u00f3n de entrada incorrecta al gestionar archivos zip. La vulnerabilidad, conocida como ZipSlip, se produce en la funci\u00f3n parseFromZipFile de server/model.go. El c\u00f3digo no comprueba las secuencias de directory traversal (../) en los nombres de archivo dentro del archivo zip, lo que permite a un atacante escribir archivos arbitrarios en el sistema de archivos. Esto puede explotarse para crear archivos como /etc/ld.so.preload y una librer\u00eda compartida maliciosa, lo que provoca RCE."}], "id": "CVE-2024-7773", "lastModified": "2025-03-26T17:27:56.490", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-03-20T10:15:37.393", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/ollama/ollama/commit/123a722a6f541e300bc8e34297ac378ebe23f527"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@huntr.dev", "type": "Secondary"}]}

{"bugzilla": {"description": "ollama: Remote Code Execution via ZipSlip in ollama/ollama", "id": "2353591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353591"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["A vulnerability in ollama/ollama version 0.1.37 allows for remote code execution (RCE) due to improper input validation in the handling of zip files. The vulnerability, known as ZipSlip, occurs in the parseFromZipFile function in server/model.go. The code does not check for directory traversal sequences (../) in file names within the zip archive, allowing an attacker to write arbitrary files to the file system. This can be exploited to create files such as /etc/ld.so.preload and a malicious shared library, leading to RCE.", "A flaw was found in Ollama, specifically in the parseFromZipFile function in server/model.go. This vulnerability allows remote code execution (RCE) via improper input validation when handling zip files, enabling directory traversal attacks (../) that allow an attacker to write arbitrary files to the file system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-7773", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-24/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-24/platform-resource-runner-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}], "public_date": "2025-03-20T10:09:13Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-7773\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7773\nhttps://github.com/ollama/ollama/commit/123a722a6f541e300bc8e34297ac378ebe23f527\nhttps://huntr.com/bounties/aeb82e05-484f-4431-9ede-25a3478d8dbb"], "statement": "No Red Hat products are affected by this vulnerability.\nThis vulnerability is marked as critical rather than important because it enables unauthenticated remote code execution (RCE) with potential privilege escalation. The ZipSlip flaw allows an attacker to write arbitrary files, including modifying /etc/ld.so.preload, which forces the system to load a malicious shared library. This effectively hijacks all dynamically linked binaries, leading to persistent system compromise. Furthermore, the ability to establish a reverse shell provides the attacker full remote control, making exploitation trivial and highly impactful, especially in scenarios where the application processes untrusted ZIP archives.", "threat_severity": "Critical"}