CVE-2024-49375
Published 2025-01-14
Priority: P2 (63) · CVSS 3.1 base score 9 (critical)
Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.90% (55.0th percentile)
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are:
1. The HTTP API must be enabled on the Rasa instance, e.g. with `--enable-api`. This is not the default configuration.
2. For unauthenticated RCE to be exploitable, the user must not have configured any authentication or other security controls recommended in our documentation.
3. For authenticated RCE, the attacker must possess a valid authentication token or JWT to interact with the Rasa API.
This issue has been addressed in rasa version 3.6.21 and all users are advised to upgrade. Users unable to upgrade should ensure that they require authentication and that only trusted users are given access.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rasa | rasa | >= 0 < 3.6.21 | 3.6.21 |
| rasahq | rasa-pro-security-advisories | < 3.6.21 | 3.6.21 |
GHSA · 2025-01-14
CVE-2024-49375 [CRITICAL] CWE-502 Rasa Allows Remote Code Execution via Remote Model Loading
## Vulnerability
A vulnerability has been identified in Rasa Pro and Rasa Open Source that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution.
The prerequisites for this are:
- The HTTP API must be enabled on the Rasa instance, e.g. with `--enable-api`. This is not the default configuration.
- For unauthenticated RCE to be exploitable, the user must not have configured any authentication or other security controls recommended in our documentation.
- For authenticated RCE, the attacker must possess a valid authentication token or JWT to interact with the Rasa API.
## Fix
We encourage you to upgrade to a version of Rasa that includes a fix. These a
OSV · 2025-01-14
CVE-2024-49375 [CRITICAL] Rasa Allows Remote Code Execution via Remote Model Loading
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-01-14