Lucene search

GitHub Advisory DatabaseGHSA-QH6X-J82H-VPF9

HistoryApr 16, 2024 - 12:30 a.m.

gradio Server-Side Request Forgery vulnerability

2024-04-1600:30:32

CWE-601

GitHub Advisory Database

github.com

ssrf

vulnerability

gradio

repository

get request

internal network

open ports

manipulation

'file' parameter

'location' header

'file not allowed' error

software

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.8%

JSON

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the ‘file’ parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a ‘Location’ header or a ‘File not allowed’ error in the response.

Affected configurations

Vulners

Node

gradio-appgradioRange<4.10.0

CPENameOperatorVersion
gradiolt4.10.0

CPE	Name	Operator	Version
	gradio	lt	4.10.0

References

github.com/advisories/GHSA-qh6x-j82h-vpf9

github.com/gradio-app/gradio/commit/2ad3d9e7ec6c8eeea59774265b44f11df7394bb4

github.com/gradio-app/gradio/commit/7ba8c5da45b004edd12c0460be9222f5b5f5f055

huntr.com/bounties/103434f9-87d2-42ea-9907-194a3c25007c

nvd.nist.gov/vuln/detail/CVE-2024-1183

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.8%

JSON

Related for GHSA-QH6X-J82H-VPF9