CVE-2024-7959: The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF)
Summary
The `/openai/models` endpoint in open-webui version 0.3.8 has a Server-Side Request Forgery vulnerability (SSRF, a flaw where an attacker tricks a server into making requests to unintended locations). An attacker can change the OpenAI URL to any address without validation, allowing the endpoint to send requests to that URL and return the response, potentially exposing internal services and secrets.
Vulnerability Details
7.7 (high)
EPSS: 0.4%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-7959
First tracked: February 15, 2026 at 08:49 PM