Severity: High

Project: chuanhuchatgpt

Insufficient Patch for Multipart Boundary DoS Vulnerability

An unauthenticated Denial of Service (DoS) vulnerability (CVE-2024-7807) was identified in ChuanhuChatGPT version 20240918. An attacker can exploit it by sending large data payloads using a multipart boundary. Although a patch was applied, it did not fully mitigate the issue, which persists.

Available publicly on Dec 20 2024

CVSS: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Credit: mnqazi

Remediation Steps
  1. Review and enhance the patch for CVE-2024-7807 to ensure it fully mitigates the vulnerability.
  2. Implement rate limiting and payload size restrictions to prevent excessive resource consumption.
  3. Conduct thorough testing to verify the effectiveness of the new patch.
  4. Update ChuanhuChatGPT to the latest version with the improved patch.
  5. Monitor the system for any signs of exploitation and respond promptly to any incidents.
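
The payload size restriction from step 2, as an added example (not ChuanhuChatGPT's code or its patch): an ASGI middleware that rejects oversized or malformed multipart requests from the headers alone, then counts streamed bytes because Content-Length can be absent or untrue. It assumes the service is served through an ASGI stack; `precheck`, `reject`, `BodyTooLarge` and `BodyLimitMiddleware` are hypothetical names and the 10 MiB cap is an assumed value.

```python
MAX_BODY_BYTES = 10 * 1024 * 1024  # assumed cap: size it to the largest legitimate upload
MAX_BOUNDARY_LEN = 70              # RFC 2046 limits a multipart boundary to 70 characters

class BodyTooLarge(Exception):
    """Raised when the streamed body passes the configured limit."""

def precheck(headers, limit=MAX_BODY_BYTES):
    """Return a status code to reject with before any body is read, else None."""
    h = {k.lower(): v for k, v in headers}
    ctype = h.get(b"content-type", b"").decode("latin-1")
    if ctype.lower().startswith("multipart/"):
        params = [p.strip() for p in ctype.split(";")[1:]]
        found = [p[9:].strip('"') for p in params if p.lower().startswith("boundary=")]
        if len(found) != 1 or not 1 <= len(found[0]) <= MAX_BOUNDARY_LEN:
            return 400  # missing, duplicated or over-long boundary
    clen = h.get(b"content-length")
    if clen is not None and not clen.isdigit():
        return 400
    return 413 if clen is not None and int(clen) > limit else None

async def reject(send, status):
    await send({"type": "http.response.start", "status": status,
                "headers": [(b"content-length", b"0"), (b"connection", b"close")]})
    await send({"type": "http.response.body", "body": b""})

class BodyLimitMiddleware:
    def __init__(self, app, limit=MAX_BODY_BYTES):
        self.app, self.limit = app, limit
    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":
            return await self.app(scope, receive, send)
        if (status := precheck(scope["headers"], self.limit)) is not None:
            return await reject(send, status)
        seen, started = 0, False
        async def counted_receive():
            nonlocal seen
            msg = await receive()
            seen += len(msg.get("body", b""))  # running total across all chunks
            if seen > self.limit:
                raise BodyTooLarge
            return msg
        async def tracked_send(msg):
            nonlocal started
            started = True
            await send(msg)
        try:
            await self.app(scope, counted_receive, tracked_send)
        except BodyTooLarge:
            if not started:  # the status cannot change once a response has begun
                await reject(send, 413)
```

Wrap the outermost ASGI application as `BodyLimitMiddleware(app)` so the check runs before any multipart parsing. Rate limiting, the other half of step 2, is not shown here.
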
Patch Details
  • Fixed Version: N/A
  • Patch Commit: N/A