CVE-2024-6037 HIGH

CVE-2024-6037: Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt

Vendor Gaizhenbiao
Product gaizhenbiao/chuanhuchatgpt
Weakness CWE-770 · Uncontrolled resource consumption
Published July 10, 2024
Last update October 15, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory (C: dir). This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service (DoS), server unavailability, and potential data loss or corruption.

Key dates

02Disclosure timeline

July 10, 2024 CVE published
October 15, 2025 Record updated