CVE-2024-5823 MEDIUM

CVE-2024-5823: File Overwrite Vulnerability in gaizhenbiao/chuanhuchatgpt

Vendor Gaizhenbiao
Product gaizhenbiao/chuanhuchatgpt
Weakness CWE-73
Published October 29, 2024
Last update October 29, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files within the system. Exploiting this vulnerability can lead to unauthorized changes in system behavior or security settings. Additionally, tampering with these configuration files can result in a denial of service (DoS) condition, disrupting normal system operation.

Key dates

02Disclosure timeline

October 29, 2024 CVE published
October 29, 2024 Record updated