Open WebUI API Key Endpoint Restriction Bypass Vulnerability

Vulnerability

A vulnerability in Open WebUI versions prior to 0.9.0 allows API keys to bypass endpoint restrictions when the key is sent in the 'x-api-key' header. Restrictions are enforced for keys sent via the 'Authorization' header, but the same keys can reach restricted endpoints through 'x-api-key', undermining the platform's access control and permission model.

Impact

Any API key that carries endpoint restrictions can reach the restricted endpoints by presenting the key in the 'x-api-key' header instead of 'Authorization'. This defeats the intended access controls, so a key can call chat/completion endpoints or administrative functionality it was meant to be excluded from.

Reproduction

To reproduce this vulnerability, create an API key with restrictions that prevent access to the '/api/v1/messages' endpoint. Then, send a request to this endpoint using the 'Authorization' header with the restricted API key. The request will be blocked with a 403 error, indicating the restriction is enforced. Next, repeat the request using the 'x-api-key' header with the same API key. This time, the request will be processed successfully, and a response will be returned, demonstrating the bypass of the restriction.
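The root cause described above is a class of bug worth recognising in any API: two code paths extract the same credential from different headers, but only one of them applies the per-key restriction. The following is an added, self-contained illustration written for this page; it is not Open WebUI's code, and the key store, the allowlist-style restriction semantics, the endpoint paths and the key values are all constructed assumptions. It shows a 'before' handler with the defect beside a corrected handler that resolves the key from either header first and then applies the restriction once, plus a small consistency check a defender can run in a test suite to catch this divergence before it ships.

```python
"""Illustrative API-key authorization with two header sources (constructed example)."""
from dataclasses import dataclass
from typing import Callable, Mapping, Optional, FrozenSet


@dataclass(frozen=True)
class ApiKey:
    key_id: str
    user: str
    # Endpoint allowlist for this key; None means the key is unrestricted.
    # The allowlist semantics are an assumption made for this example.
    allowed_endpoints: Optional[FrozenSet[str]] = None


# Constructed key store: one key restricted to a single endpoint, one unrestricted.
KEY_STORE: Mapping[str, ApiKey] = {
    "sk-constructed-restricted": ApiKey("k1", "alice", frozenset({"/api/chat/completions"})),
    "sk-constructed-unrestricted": ApiKey("k2", "bob", None),
}


def _normalise(headers: Mapping[str, str]) -> dict:
    """HTTP header names are case-insensitive; compare them in lowercase."""
    return {name.lower(): value for name, value in headers.items()}


def _bearer_token(headers: dict) -> Optional[str]:
    """Extract the token from 'Authorization: Bearer <token>', if present."""
    value = headers.get("authorization")
    if value and value.lower().startswith("bearer "):
        return value[len("bearer "):].strip() or None
    return None


def _restricted(rec: ApiKey, path: str) -> bool:
    return rec.allowed_endpoints is not None and path not in rec.allowed_endpoints


def vulnerable_authorize(headers: Mapping[str, str], path: str) -> int:
    """'Before' shape of the bug: the restriction is enforced only on the
    Authorization path; the x-api-key path authenticates but never checks it.
    Returns an HTTP status code."""
    h = _normalise(headers)
    token = _bearer_token(h)
    if token is not None:
        rec = KEY_STORE.get(token)
        if rec is None:
            return 401
        if _restricted(rec, path):
            return 403
        return 200
    token = h.get("x-api-key")
    if token is not None:
        rec = KEY_STORE.get(token)
        if rec is None:
            return 401
        return 200  # defect: allowlist is never consulted on this path
    return 401


def fixed_authorize(headers: Mapping[str, str], path: str) -> int:
    """Corrected shape: resolve the credential from whichever header carries it,
    then apply authentication and the endpoint restriction exactly once."""
    h = _normalise(headers)
    token = _bearer_token(h) or h.get("x-api-key")
    if token is None:
        return 401
    rec = KEY_STORE.get(token)
    if rec is None:
        return 401
    if _restricted(rec, path):
        return 403
    return 200


def decisions_agree(authorize: Callable[[Mapping[str, str], str], int],
                    token: str, path: str) -> bool:
    """Regression check: every header form that carries the same key must yield
    the same decision for the same endpoint. Any disagreement is a bypass."""
    forms = [
        {"Authorization": f"Bearer {token}"},
        {"x-api-key": token},
        {"X-API-Key": token},  # case variant of the same header
    ]
    decisions = {authorize(form, path) for form in forms}
    return len(decisions) == 1


if __name__ == "__main__":
    for name, fn in (("vulnerable", vulnerable_authorize), ("fixed", fixed_authorize)):
        print(name, "agrees on /api/v1/messages:",
              decisions_agree(fn, "sk-constructed-restricted", "/api/v1/messages"))
```

The `decisions_agree` check is the part worth carrying into a real test suite: enumerate every way a credential can be presented and assert the authorization decision is identical across them for each restricted endpoint, so a newly added header or query-parameter source cannot silently skip the restriction layer.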

Remediation

Users are advised to update Open WebUI to version 0.9.0 or later, where this vulnerability has been fixed.

Added: May 15, 2026, 8:25 PM
Updated: May 15, 2026, 8:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 4.6
remediation: 7.7
relevance: 8.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.