Maliciously Crafted Model Archive Can Lead To Arbitrary File Write
Description
Reviewed
Oct 21, 2021
Published by the National Vulnerability Database
Oct 21, 2021
Published to the GitHub Advisory Database
Oct 22, 2021
Last updated
Oct 16, 2024
Impact
An Archive Extraction (Zip Slip) vulnerability in the functionality that allows a user to load a trained model archive in Rasa 2.8.9 and older allows an attacker arbitrary write capability within specific directories using a malicious crafted archive file.
Patches
The vulnerability is fixed in Rasa 2.8.10
Workarounds
Mitigating steps for vulnerable end users are to ensure that they do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.
For more information
If you have any questions or comments about this advisory:
References