From cfa001041a406347fd053ccfe5a953ccac0217d3 Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Mon, 3 Mar 2025 18:32:44 +0800 Subject: [PATCH] Create Ollama Unauthorized Access Vulnerability (CNVD-2025-04094).md --- ...rized Access Vulnerability (CNVD-2025-04094).md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 Ollama Unauthorized Access Vulnerability (CNVD-2025-04094).md diff --git a/Ollama Unauthorized Access Vulnerability (CNVD-2025-04094).md b/Ollama Unauthorized Access Vulnerability (CNVD-2025-04094).md new file mode 100644 index 0000000..d7cd0e9 --- /dev/null +++ b/Ollama Unauthorized Access Vulnerability (CNVD-2025-04094).md @@ -0,0 +1,14 @@ +**Updated document date: October 31, 2024** + +## Ollama /api/tags Unauthorized Access Vulnerability (CNVD-2025-04094) +| **Vulnerability** | Ollama /api/tags Unauthorized Access Vulnerability (CNVD-2025-04094)| +| :----: | :-----| +| **Chinese name** | Ollama /api/tags 未授权访问漏洞(CNVD-2025-04094) | +| **CVSS core** | 6.50 | +| **FOFA Query** (click to view the results directly)| [app="Ollama"] +| **Number of assets affected** | 2.3W+ | +| **Description** |Ollama is an open-source Large Language Model (LLM) runtime environment and toolkit designed to help developers easily deploy, manage, and use models such as DeepSeek. Recently, it was disclosed that if Ollama directly exposes the service port (default 11434) to the public network and does not enable an authentication mechanism, remote attackers can access its high-risk interfaces without authorization. | +| **Impact** | Attackers may exploit these unauthorized interfaces to access sensitive data, abuse resources, or tamper with system configurations, further escalating the attack. +| **Affected versions** | all + +![](https://s3.bmp.ovh/imgs/2025/03/03/6e1cea33e52a0487.gif)
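Review bot: The metadata in the new file's header table is inconsistent with the file itself: the first line says "Updated document date: October 31, 2024", yet the identifier in the title is CNVD-2025-04094 and the commit is dated 3 March 2025, so the date should be corrected or the line dropped. In the same table, "CVSS core" should read "CVSS score", and the "FOFA Query", "Impact" and "Affected versions" rows lack the closing `|` that the other rows have, so the table will not render uniformly; for an English document, "2.3W+" (Chinese 万 notation) is better written as "23,000+". The "Impact" row claims attackers can "tamper with system configurations", but the title only names `/api/tags`, which the description does not show doing more than listing models; either enumerate the other "high-risk interfaces" the description alludes to, or scope the impact to what `/api/tags` exposes. "Affected versions: all" is vague; state the version range checked and whether a fixed release existed at the time of writing. The description already identifies the root cause (port 11434 exposed to the public network with no authentication), so the file should also carry a remediation row, e.g. bind the listener to a loopback or internal address and front it with an authenticating reverse proxy or firewall rule, rather than leaving the reader with only the impact statement. Finally, the closing image is hotlinked from `https://s3.bmp.ovh/...`; commit the GIF into the repository so the document does not break if that host disappears.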