Open WebUI Missing Access Check Vulnerability in Channel Members Endpoint

Vulnerability

A vulnerability exists in Open WebUI versions through 0.8.12 in the channel members listing endpoint. The endpoint does not verify that the caller has access to a standard channel, including a private one, before returning its member list. As a result, any authenticated user who knows a private channel's UUID can enumerate every user with access to that channel. The affected code is the 'get_channel_members_by_id' function in 'backend/open_webui/routers/channels.py'.

Impact

Exploitation of this vulnerability leaks the identities and personal details of all users with access to a private channel, including their IDs, names, emails, roles, and profile images. This information disclosure can be used for targeted social engineering against channel members.

Reproduction

To reproduce this vulnerability, an authenticated user must obtain the UUID of a private standard channel. This UUID can be acquired through various means, such as logs, browser history, URL observation, or other API responses. Once the UUID is obtained, the user can make a GET request to the '/api/v1/channels/{id}/members' endpoint. The server responds with a list of all users who have access to the channel, including their personal details. Note that the vulnerability is limited to enumerating channel members; it does not expose the channel's messages, because the messaging endpoints correctly enforce access checks.

Remediation

Users are advised to update to Open WebUI version 0.9.0 or later, where this vulnerability has been fixed.
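As an added illustration (not Open WebUI's own code), the flawed pattern is shown beside the corrected one in framework-free Python; the User and Channel models, the admin bypass and the shared 404 response are assumptions, not details taken from the advisory:

```python
from dataclasses import dataclass, field

@dataclass
class User:
    id: str
    name: str
    email: str
    role: str

@dataclass
class Channel:
    id: str
    private: bool
    member_ids: set = field(default_factory=set)

class NotFound(Exception):
    """Stands in for an HTTP 404 response."""

# Constructed sample data: two members of a private channel plus an outsider.
USERS = {
    "u1": User("u1", "Alice", "alice@example.com", "admin"),
    "u2": User("u2", "Bob", "bob@example.com", "user"),
    "u3": User("u3", "Mallory", "mallory@example.com", "user"),
}
CHANNELS = {
    "c-private": Channel("c-private", True, {"u1", "u2"}),
    "c-public": Channel("c-public", False, {"u1", "u2"}),
}

def members_vulnerable(channel_id, requester):
    """Only checks that the channel exists: any authenticated caller who
    knows the UUID receives the full roster, private channel or not."""
    channel = CHANNELS.get(channel_id)
    if channel is None:
        raise NotFound()
    return [USERS[m] for m in channel.member_ids]

def has_access(channel, user):
    # Assumed rule: admins see everything, public channels are open,
    # private channels are visible to their members only.
    return user.role == "admin" or not channel.private or user.id in channel.member_ids

def members_fixed(channel_id, requester):
    """Authorizes before disclosing anything. Denied and missing channels
    share one 404 so the endpoint cannot serve as a channel-existence oracle."""
    channel = CHANNELS.get(channel_id)
    if channel is None or not has_access(channel, requester):
        raise NotFound()
    return [USERS[m] for m in channel.member_ids]
```

The key point is ordering: the authorization decision must happen before any member data is loaded or serialized, and the denied and not-found paths should be indistinguishable to the caller.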

Added: May 15, 2026, 8:33 PM
Updated: May 15, 2026, 8:33 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 3.2
remediation: 7.7
relevance: 8.4
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.