File Overwrite Vulnerability in ChuanhuChatGPT by Gaizhenbiao
CVE-2024-5823

9.1CRITICAL

Key Information:

Vendor: Gaizhenbiao
Status: Chuanhuchatgpt
Vendor: CVE Published:; 29 October 2024

🔔 Create Gaizhenbiao Vulnerability Alert

What is CVE-2024-5823?

A file overwrite vulnerability in ChuanhuChatGPT affects versions up to 20240410, allowing attackers to gain unauthorized access to critical configuration files. This vulnerability not only permits changes to system behavior and security settings but also opens the door for potential denial of service (DoS) attacks that disrupt normal operations. Proper security measures must be implemented to mitigate the risk associated with this vulnerability and ensure the integrity of the system.

References

https://huntr.com/bounties/ca361701-7d68-4df6-8da0-caad4b...

https://github.com/gaizhenbiao/chuanhuchatgpt/commit/720c...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2024