CVE-2024-8616

High CVSS: 8.2

In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDetails` function in `ModelsHandler.java`, where the user-controllable `mexport.dir` parameter is used to specify the file path for writing model details. This can lead to overwriting files at arbitrary locations on the host system.

Vendor

H2o

Product

H2o

CWE

CWE-73

Yayın Tarihi

2025-03-20 10:15:43

Güncelleme

2025-07-15 15:49:27

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-73 H2o HIGH H2o 2025

Referanslar

https://huntr.com/bounties/aebf69a5-b9b1-4d2f-a8ff-902c11a8c97a

Benzer Kayıtlar

High

CVE-2025-61684

Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a…

Medium

CVE-2025-10768

A flaw has been found in h2oai h2o-3 up to 3.46.08. The impacted element is an unknown function of the file /99/ImportSQ…

Medium

CVE-2025-10769

A vulnerability has been found in h2oai h2o-3 up to 3.46.08. This affects an unknown function of the file /99/ImportSQLT…

Critical

CVE-2025-6544

A deserialization vulnerability exists in h2oai/h2o-3 versions

High

CVE-2024-8062

A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint per…

High

CVE-2024-7768

A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of s…