Wandb OpenUI Unauthenticated File Upload Vulnerability Allowing S3 Bucket Abuse
Vulnerability
A vulnerability in wandb/openui, specifically in the latest commit, allows unauthenticated users to upload files to, and download files from, an AWS S3 bucket via the '/v1/share/{id:str}' endpoint. This lack of authentication could lead to various security issues, including denial of service, stored cross-site scripting, and information disclosure. The vulnerability arises because any user can upload and overwrite files, potentially filling up the S3 bucket's storage, injecting harmful scripts, or accessing sensitive data.
Impact
Exploitation of this vulnerability could result in denial of service by exhausting S3 bucket storage, stored cross-site scripting through the injection of malicious scripts, and unauthorized access to sensitive information.