Critical

chuanhuchatgpt

Path Traversal Due to Outdated Component

The chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component, specifically affected by CVE-2023-51449. This vulnerability allows unauthorized access to sensitive files such as `config.json`. The issue was patched in the version released on 20240305.

Available publicly on May 16 2024

9.8

CVSS:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Credit:

ouxs-19
Threat Overview

The vulnerability arises from the application's reliance on an outdated version of the gradio component, which does not properly restrict the access to the web_assets directory. This flaw allows attackers to bypass the intended directory restrictions and access files outside of the web_assets folder. Given that the config.json file can contain sensitive information such as API keys, exploiting this vulnerability could lead to significant security breaches.

Attack Scenario

An attacker can exploit this vulnerability by crafting a specially designed HTTP request that includes a path traversal sequence (../). By sending this request to the application, the attacker can access the config.json file or other sensitive files outside of the restricted web_assets directory. This could potentially expose sensitive information that could be used for further attacks.

Who is affected

Users of the chuanhuchatgpt application who have not updated to the patched version released on 20240305 are affected by this vulnerability. Specifically, deployments that contain sensitive information in the config.json file or other files outside of the web_assets directory are at risk.

Technical Report
Want more out of Sightline?

Sightline offers even more for premium customers

Go Premium

We have - related security advisories that are available with Sightline Premium.