Onyx File Download Vulnerability via Insecure UUID Handling in Chat Endpoint
Vulnerability
A vulnerability in Onyx, an open-source AI platform, allows any authenticated user to download files uploaded by other users through the chat file endpoint. This issue affects Onyx versions prior to 3.0.9, versions 3.1.0 prior to 3.1.6, and versions 3.2.0 prior to 3.2.6. The root cause is a missing authorization check: the endpoint verifies that the caller has a valid session but never checks that the caller owns (or otherwise has access to) the requested file, so the file's UUID is effectively the only thing gating access. A UUID is an identifier, not a secret, so this is a broken object-level authorization issue (an IDOR). As a result, an attacker who knows or obtains a file UUID can retrieve confidential documents and chat attachments belonging to any user in the system.
Impact
Exploitation of this vulnerability allows any authenticated user, including a low-privileged one, to download files belonging to other users, including confidential documents and chat attachments. No elevated role is required; a valid session and a target file UUID are sufficient.
Reproduction
To reproduce this vulnerability, first register two user accounts: one as the victim (an admin in this write-up, who will upload a file) and another as a normal user (the attacker). Log into both accounts in separate browsers or sessions so the session cookies are not shared. As the admin, upload a confidential file to a chat session and note the file's UUID. Then, as the attacker, request the same UUID from the chat file endpoint using the attacker's own session cookie. On a vulnerable version the endpoint returns the admin's file contents instead of an authorization error, confirming that only authentication, not ownership, is enforced.
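The following is an added illustration of the authorization gap described in the Vulnerability and Reproduction sections above. It is not Onyx's code: it is a minimal in-memory model of a "download file by UUID" handler, shown once with the ownership check missing (the vulnerable shape) and once with it present, plus the two-account reproduction as a function. The names FileStore, download_file_vulnerable, download_file_fixed and the session cookie values are assumptions made for this example.

```python
"""Minimal model of a file-download endpoint with and without an ownership check.

Hypothetical example code, not Onyx's implementation. The store, session
table, handler names and cookie values are all constructed for illustration.
"""
import uuid
from dataclasses import dataclass, field


@dataclass
class StoredFile:
    file_id: str
    owner_id: str
    content: bytes


@dataclass
class FileStore:
    """In-memory stand-in for the file storage backing a chat endpoint."""
    files: dict = field(default_factory=dict)

    def upload(self, owner_id: str, content: bytes) -> str:
        # The UUID is an identifier for lookup; it must not double as the
        # access control, which is exactly the mistake modelled below.
        file_id = str(uuid.uuid4())
        self.files[file_id] = StoredFile(file_id, owner_id, content)
        return file_id


class Unauthorized(Exception):
    """No valid session (HTTP 401 in a real endpoint)."""


class NotFound(Exception):
    """File missing or not accessible to this caller (HTTP 404)."""


def current_user(session_cookie: str, sessions: dict) -> str:
    """Authentication only: map a session cookie to a user id."""
    user = sessions.get(session_cookie)
    if user is None:
        raise Unauthorized("no valid session")
    return user


def download_file_vulnerable(store: FileStore, sessions: dict,
                             session_cookie: str, file_id: str) -> bytes:
    """Checks that the caller is logged in, then serves any UUID at all."""
    current_user(session_cookie, sessions)          # authentication
    stored = store.files.get(file_id)
    if stored is None:
        raise NotFound(file_id)
    return stored.content                            # no authorization


def download_file_fixed(store: FileStore, sessions: dict,
                        session_cookie: str, file_id: str) -> bytes:
    """Same lookup, but the file is only served to its owner."""
    user = current_user(session_cookie, sessions)   # authentication
    stored = store.files.get(file_id)
    # Treat "not yours" exactly like "does not exist" so a caller cannot use
    # the response to confirm which UUIDs are valid.
    if stored is None or stored.owner_id != user:   # authorization
        raise NotFound(file_id)
    return stored.content


def reproduce() -> tuple:
    """Two accounts, two sessions: admin uploads, attacker requests the UUID.

    Returns (leaked_on_vulnerable, blocked_on_fixed, owner_still_works).
    """
    store = FileStore()
    # Constructed session table: cookie value -> user id.
    sessions = {"cookie-admin": "admin", "cookie-attacker": "attacker"}

    file_id = store.upload("admin", b"CONFIDENTIAL")

    # Attacker presents their own valid cookie with the admin's file UUID.
    leaked = download_file_vulnerable(store, sessions, "cookie-attacker", file_id)

    try:
        download_file_fixed(store, sessions, "cookie-attacker", file_id)
        blocked = False
    except NotFound:
        blocked = True

    owner_ok = download_file_fixed(store, sessions, "cookie-admin", file_id) == b"CONFIDENTIAL"
    return leaked == b"CONFIDENTIAL", blocked, owner_ok


if __name__ == "__main__":
    print(reproduce())
```

The fixed handler deliberately raises the same NotFound for a file that does not exist and for a file the caller does not own; returning a distinct 403 for the latter would turn the endpoint into an oracle for which UUIDs are in use. In a chat product the ownership predicate may need to be broader than a single owner id (for example, participants of a shared chat session), but whatever the rule is, it has to be evaluated on every request after authentication.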
Remediation
Upgrade to Onyx version 3.0.9, 3.1.6, or 3.2.6 (or later within the respective release branch), where this vulnerability has been patched. Until the upgrade is applied, any file whose UUID has been exposed to other users should be treated as readable by every authenticated account; regenerating UUIDs is not a mitigation, since the flaw is the missing ownership check, not the predictability of the identifier.
