Ollama Unauthorized Access Vulnerability Due to Improper Configuration (CNVD-2025-04094)
março 13, 2025
Overview Recently, NSFOCUS detected that Ollama improperly configured and unauthorized access vulnerabilities were disclosed online (CNVD-2025-04094); Because Ollama does not have authentication and access control functions by default, when a user opens the service (port 11434 by default) to the public network, an unauthenticated attacker can directly call its API interface to steal sensitive model […]
