In open-webui version 0.3.8, the endpoint "/models/upload" is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of "file_path = f"{UPLOAD_DIR}/{file.filename}"" without proper input validation or sanitization. An attacker can exploit this by manipulating the "file.filename" parameter to include directory traversal sequences, causing the resulting "file_path" to escape the intended "UPLOAD_DIR" and potentially overwrite arbitrary files on the system. This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution.