Horizon Alert
Summary of the vulnerability and why it matters
This vulnerability in Open WebUI allows an unauthenticated attacker to bypass authentication by sending an empty password. This could grant unauthorized access to the AI platform, potentially exposing sensitive data or allowing unauthorized actions.
- Unauthenticated access to the platform.
- Potential exposure of sensitive AI data.
- Affects systems using versions prior to 0.9.0.
Attack Path
How an attacker could exploit the issue
An attacker can exploit this vulnerability through Open WebUI's LDAP authentication. They send an empty password to the LDAP sign-in endpoint, and the application forwards that empty password to the LDAP server in a Simple Bind. If the target LDAP server accepts a bind with an empty password, the bind succeeds and the attacker receives a valid session token for the user.
- No authentication required.
- Target LDAP authentication endpoint.
- LDAP server must allow empty password binds.
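The pattern behind this bug, shown as an added example that is not Open WebUI's code: a constructed in-memory stand-in for an LDAP server whose Simple Bind follows the usual rule that a bind with a DN and an empty password succeeds without proving identity, beside a vulnerable login routine that trusts the bind result alone and a hardened one that refuses empty (and, as a small extension, whitespace-only) passwords before any bind is attempted. The `FakeLdapServer`, `vulnerable_login` and `hardened_login` names, the `allow_empty_bind` flag and the sample DN and password are all assumptions made for the example.

```python
from dataclasses import dataclass
import secrets


@dataclass
class FakeLdapServer:
    """Constructed stand-in for an LDAP server (not a real client library).

    `allow_empty_bind` models a server that accepts a Simple Bind consisting
    of a DN plus an empty password, which is the server-side condition the
    alert lists as required for the bypass.
    """
    passwords: dict            # dn -> password (constructed sample data)
    allow_empty_bind: bool = True

    def simple_bind(self, dn: str, password: str) -> bool:
        if password == "":
            # Empty-password bind: no credential is checked at all, so the
            # outcome depends only on server policy, not on the DN's secret.
            return self.allow_empty_bind
        return self.passwords.get(dn) == password


def vulnerable_login(server: FakeLdapServer, dn: str, password: str):
    """Vulnerable pattern: a successful bind alone is taken as proof of identity."""
    if server.simple_bind(dn, password):
        return secrets.token_hex(16)   # session token issued for dn
    return None


def hardened_login(server: FakeLdapServer, dn: str, password: str):
    """Hardened pattern: refuse empty or blank passwords before binding, so an
    empty-password bind can never be mistaken for a verified user."""
    if not password or not password.strip():
        return None
    if server.simple_bind(dn, password):
        return secrets.token_hex(16)
    return None
```

The server-side flag shows why the application-level check matters: the vulnerable routine is only safe when every LDAP server it will ever talk to rejects empty-password binds, which the application cannot assume.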
Live Threat
Current exploitation, exposure, and threat context
Attackers are unlikely to prioritize weaponizing this vulnerability due to the specific nature of the affected application, Open WebUI. While the vulnerability allows for unauthenticated access to user accounts by exploiting an empty password in LDAP authentication, Open WebUI is primarily designed for self-hosted, offline, or internal network use. Its typical deployment environment reduces the immediate attack surface for widespread exploitation.
- Not publicly exploited.
- Exploits are not readily available.
- Vulnerability was disclosed recently.
Priority actions
Operational Fix
Recommended remediation, mitigation, and detection steps
Upgrade Open WebUI to version 0.9.0 or later immediately; that release fixes this authentication bypass. If upgrading is not feasible, implement network access controls to restrict access to the LDAP authentication endpoint.
- Upgrade Open WebUI to 0.9.0+.
- Restrict network access to LDAP endpoint.
- Monitor for unauthorized access attempts.