CVE-2024-5982 CRITICAL

CVE-2024-5982: Path Traversal in gaizhenbiao/chuanhuchatgpt

Vendor Gaizhenbiao
Product gaizhenbiao/chuanhuchatgpt
Weakness CWE-22 · Path traversal
Published October 29, 2024
Last update October 29, 2024

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the load_chat_history function in modules/models/base_model.py allows arbitrary file uploads, potentially leading to remote code execution (RCE). The get_history_names function in utils.py permits arbitrary directory creation. Additionally, the load_template function in utils.py can be exploited to leak the first column of CSV files. These issues stem from improper sanitization of user inputs concatenated with directory paths using os.path.join.

Key dates

02Disclosure timeline

October 29, 2024 CVE published
October 29, 2024 Record updated

Related vulnerabilities

04Related CVE