How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The vulnerability allows unauthenticated remote attackers to read arbitrary image files accessible by the ComfyUI process on the server. This could lead to unauthorized disclosure of sensitive or personal data contained within those images.

Such unauthorized data exposure may impact compliance with data protection regulations like GDPR or HIPAA, which require safeguarding personal and sensitive information against unauthorized access.

However, the vulnerability is limited to image files that can be parsed by the PIL library and does not allow reading non-image files.

Useful 0 Not Useful 0

Can you explain this vulnerability to me?

This vulnerability exists in ComfyUI up to version 0.13.0, specifically in the function get_model_preview within the file app/model_manager.py, part of the Model Preview Endpoint component.

The issue is a path traversal vulnerability, which means an attacker can manipulate the input to access files or directories outside the intended scope.

The attack can be launched remotely, and the exploit is publicly available.

The vendor was contacted early about this issue but did not respond.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability allows an attacker to perform path traversal remotely, potentially accessing unauthorized files on the system where ComfyUI is running.

Such unauthorized access could lead to exposure of sensitive information or system files, depending on the environment and permissions.

However, the CVSS scores indicate a relatively low to moderate severity, suggesting limited impact in terms of confidentiality, integrity, or availability.

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to access the vulnerable endpoint with specially crafted requests that exploit the path traversal flaw. Specifically, sending HTTP requests to the `/experiment/models/preview/{folder}/{path_index}/{filename}` endpoint with the filename parameter URL-encoded to include absolute paths (e.g., using `%2f` for slashes) can reveal if the server improperly allows access to arbitrary image files.

A practical detection method is to send a request for a known image file outside the normal directory structure and observe if the server returns the image re-encoded as WEBP or returns HTTP 404 if the file does not exist. This can be automated with tools like curl or wget.

• Example curl command to test for the vulnerability (replace server and path accordingly):
• curl -i "http://<server>/experiment/models/preview/<folder>/<path_index>/%2ftmp/secret_preview"
• If the response status is 200 and the content is an image (WEBP), the vulnerability is present.
• If the response status is 404, the file does not exist but the endpoint is reachable and may be vulnerable.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the vulnerable endpoint to trusted users or networks, as the vulnerability allows unauthenticated remote attackers to read arbitrary image files.

If possible, disable or block access to the `/experiment/models/preview` endpoint until a patch or update is available.

Implement network-level controls such as firewall rules or reverse proxy restrictions to prevent unauthorized external access.

Monitor server logs for suspicious requests containing URL-encoded slashes (%2f) or unusual access patterns to the model preview endpoint.

Consider applying custom patches or code changes to validate and sanitize the filename parameter to prevent path traversal, such as enforcing path containment checks before file access.

Useful 0 Not Useful 0