2 matches found
CVE-2023-34094 ChuanhuChatGPT vulnerable to unauthorized configuration file access
ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unauthorized access to the config.json file of the privately deployed ChuanghuChatGPT project, when authentication is not configured. The attacker can...
CVE-2023-34094
Summary: CVE-2023-34094 affects the ChuanhuChatGPT GUI for ChatGPT and related LLMs. A vulnerability in versions 20230526 and earlier allows an unauthenticated attacker to read the private config.json file, enabling theft of API keys stored there. The issue arises when authentication is not confi...