Denial of Service Vulnerability in ChuanhuChatGPT by Gradio
CVE-2024-10650

7.5HIGH

Key Information:

Vendor: Gaizhenbiao
Status: Gaizhenbiao/chuanhuchatgpt
Vendor: CVE Published:; 20 March 2025

🔔 Create Gaizhenbiao Vulnerability Alert

What is CVE-2024-10650?

An unauthenticated Denial of Service (DoS) vulnerability exists in ChuanhuChatGPT version 20240918. The flaw allows attackers to exploit the service by transmitting large data payloads via malformed multipart boundaries. Even after rectifications for earlier vulnerabilities, this particular issue remains, as attackers can send data in structured groups of 10 characters across multiple lines. This manipulation can lead to significant service disruption, compelling the system to process excessive data input, ultimately resulting in prolonged unavailability of the application.

Affected Version(s)

gaizhenbiao/chuanhuchatgpt <= unspecified

References

https://huntr.com/bounties/f820371d-a878-44bf-b1fd-2d837d...

CVSS V3.0

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Oct 31, 2024