haotian-liu LLaVA Release v1.2.0 Denial-of-Service Vulnerability in File Upload Feature

Vulnerability

A denial-of-service vulnerability has been identified in the file upload feature of haotian-liu LLaVA, specifically in Release v1.2.0 (LLaVA-1.6). The issue arises from improper handling of form-data that includes large filenames. When a payload with an excessively large filename is uploaded, the server becomes overwhelmed and unresponsive, disrupting service for legitimate users. This vulnerability can be exploited without authentication, increasing its potential impact.

Impact

Exploitation of this vulnerability causes the server to become unresponsive, leading to a denial-of-service condition where legitimate users cannot access the service. The vulnerability's lack of authentication requirements further escalates the risk, allowing anyone with access to the upload endpoint to perform the attack.

Reproduction

To reproduce this vulnerability, upload a file using the file upload feature while including a filename that is excessively large, such as one consisting of several million characters. The server will become unresponsive, causing a denial-of-service condition.
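A defensive check for the condition described above, as an added example that is not code from LLaVA or from this advisory: it reads one multipart part's headers with a hard byte cap so an oversized filename is rejected before it is ever fully buffered. The limits (8 KiB of headers, 255-character filename) and all function names are assumptions chosen for illustration.

```python
import io
import re

MAX_PART_HEADER_BYTES = 8 * 1024  # assumed cap for one part's header block
MAX_FILENAME_CHARS = 255          # assumed cap (common filesystem name limit)

_FILENAME_RE = re.compile(rb';\s*filename="([^"]*)"', re.IGNORECASE)


class UploadRejected(ValueError):
    """A multipart part exceeded the configured limits."""


def read_part_headers(stream, max_bytes=MAX_PART_HEADER_BYTES):
    """Read one part's headers, never buffering more than max_bytes + 1."""
    buf = bytearray()
    while not buf.endswith(b"\r\n\r\n"):
        line = stream.readline(max_bytes - len(buf) + 1)  # bounded read
        if not line:
            raise UploadRejected("truncated part headers")
        buf += line
        if len(buf) > max_bytes:
            raise UploadRejected("part headers exceed %d bytes" % max_bytes)
    return bytes(buf)


def checked_filename(stream, max_chars=MAX_FILENAME_CHARS):
    """Return the part's filename (or None), rejecting oversized values."""
    match = _FILENAME_RE.search(read_part_headers(stream))
    if match is None:
        return None
    filename = match.group(1).decode("utf-8", "replace")
    if len(filename) > max_chars:
        raise UploadRejected("filename longer than %d chars" % max_chars)
    return filename


def make_part(filename):
    """Constructed sample: one form-data part, positioned after the boundary line."""
    return io.BytesIO(b'Content-Disposition: form-data; name="file"; filename="'
                      + filename.encode() + b'"\r\nContent-Type: image/png\r\n\r\ndata')


if __name__ == "__main__":
    print(checked_filename(make_part("cat.png")))
    try:
        checked_filename(make_part("A" * 2_000_000))
    except UploadRejected as exc:
        print("rejected:", exc)
```

The same caps can also be enforced in front of the application, for example as request header and body size limits on a reverse proxy, so that oversized requests never reach the upload handler.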

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.