Denial of Service via Multipart Boundary Manipulation
Available publicly on Sep 29 2024
Threat Overview
The vulnerability allows an attacker to exploit the file upload functionality by appending an excessive number of characters to the end of a multipart boundary. The system then continuously processes each character, which exhausts resources and makes the service unavailable. The attack is easy to execute with a tool such as Burp Suite, which can intercept and modify the upload request. The impact is significant: the service can be rendered inaccessible for extended periods, disrupting operations and potentially leaving data inaccessible.
Attack Scenario
An attacker intercepts a file upload request to ChuanhuChatGPT using a tool like Burp Suite. They then append a large number of characters to the end of the multipart boundary in the request. When the modified request is sent, the server begins processing each character, which leads to resource exhaustion and makes ChuanhuChatGPT unavailable for hours.
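A pre-parse check that would reject the request described above, as an added example (not ChuanhuChatGPT's code or its fix): it enforces the RFC 2046 boundary syntax on the Content-Type header and refuses delimiter lines that carry extra characters after the boundary. The function names, the MAX_PADDING limit and the sample request are assumptions, and the body is assumed to be buffered under a size cap before the check runs.

```python
import re

# RFC 2046 5.1.1: boundary is 1-70 characters from "bchars", not ending in a space.
BOUNDARY_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]{0,69}[0-9A-Za-z'()+_,\-./:=?]")
PARAM_RE = re.compile(r'boundary=(?:"([^"]*)"|([^;\s]*))', re.IGNORECASE)
MAX_PADDING = 16  # assumed cap on trailing whitespace after a delimiter


def extract_boundary(content_type: str) -> str:
    """Return the boundary parameter, or raise ValueError if absent or malformed."""
    m = PARAM_RE.search(content_type)
    if m is None:
        raise ValueError("missing boundary parameter")
    boundary = m.group(1) if m.group(1) is not None else m.group(2)
    if not BOUNDARY_RE.fullmatch(boundary):
        raise ValueError("boundary is not 1-70 RFC 2046 bchars")
    return boundary


def check_multipart(content_type: str, body: bytes) -> int:
    """Validate every delimiter line; return the number of delimiters seen."""
    marker = b"\r\n--" + extract_boundary(content_type).encode("ascii")
    data = b"\r\n" + body  # lets the first delimiter match like the rest
    count, pos = 0, data.find(marker)
    while pos != -1:
        start = pos + len(marker)
        end = data.find(b"\r\n", start)
        end = len(data) if end == -1 else end
        if end - start > 2 + MAX_PADDING:
            raise ValueError("oversized delimiter line")
        # Only "" (part delimiter) or "--" (close delimiter) may follow the boundary.
        if data[start:end].rstrip(b" \t") not in (b"", b"--"):
            raise ValueError("unexpected characters after boundary")
        count += 1
        pos = data.find(marker, end)
    if count < 2:
        raise ValueError("no complete multipart body")
    return count


if __name__ == "__main__":
    # Constructed sample request; "demo123" is a made-up boundary.
    ct = "multipart/form-data; boundary=demo123"
    ok = b'--demo123\r\nContent-Disposition: form-data; name="f"\r\n\r\nhi\r\n--demo123--\r\n'
    print(check_multipart(ct, ok))
    try:
        check_multipart(ct, ok[:-2] + b"-" * 100000 + b"\r\n")
    except ValueError as exc:
        print("rejected:", exc)
```

Both scans are linear in the body size, so the check itself does not reintroduce per-character reprocessing.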
Who is affected
Users and administrators of ChuanhuChatGPT version 20240628 are affected by this vulnerability. Any service relying on ChuanhuChatGPT for operations could experience significant disruptions.
Technical Report