Arbitrary File Deletion Vulnerability in WebUI Session Delete API

Vulnerability Overview Vulnerability Name: Arbitrary File Deletion Vulnerability Description: In the WebUI's session deletion API, the endpoint does not validate the provided by the client, allowing an attacker to construct a malicious value and delete arbitrary files on the server. Vulnerability Type: Arbitrary File Deletion Severity: High Impact Scope Affected Code: - - Impact Description: - An attacker can delete any writable file outside the WebUI session storage directory. - In unauthenticated deployments, this vulnerability can be exploited remotely. - In authenticated deployments, low-privileged users can also trigger this vulnerability. Remediation Plan Remediation Measures: - Validate the value before path construction. - Reject containing absolute paths or traversal patterns. - Resolve and verify that the candidate deletion target is within . - Only allow deletion of legitimate session files inside the session storage. - Add regression tests to cover absolute path and traversal payloads. POC Code Security Reproduction Steps 1. Start WebUI with an isolated state directory. 2. Create a writable file outside , e.g., . 3. Send the following request: 4. Observe the vulnerability behavior: - API returns - is deleted Expected Vulnerable Behavior Even though the endpoint should only delete session files, files outside are deleted. The route reports success because it treats the attacker-controlled input as a normal session file. Changes Made Validate before path construction. Reject unsafe session identifiers. Resolve candidate deletion target before . Enforce containment within . Preserve session index invalidation behavior. Add regression tests to cover absolute path and traversal payloads. File Changes api/routes.py: Add session ID validation and enforce resolved path containment. tests/test_sprint3.py: Add coverage for absolute path and traversal payloads. Maintainer Impact Patch is narrow and limited to session deletion input validation and path containment. Does not change session storage format, chat execution, streaming, authentication behavior, or configuration file behavior. Existing valid session deletion behavior remains unchanged. Rationale for Fix The safest fix aligns this route with the project's existing session ID trust model, rather than treating deletion as a special case. Validating the identifier and enforcing resolved path containment ensures the route can only operate on legitimate session files. Change Type Security Fix Bug Fix Test New Feature Breaking Change Documentation Only Change Test Plan Disclosure Notes Statements in this PR are limited to the reviewed code path and the reproduced file deletion behavior. This PR does not claim broader arbitrary file read/write impact across other routes. The fix is intentionally scoped to the deletion path trust boundary so changes are easy to review and unlikely to regress.

Goal Reached Thanks to every supporter — we hit 100%!

Arbitrary File Deletion Vulnerability in WebUI Session Delete API

More from this source