Improper Authorization in ChuanhuChatGPT by Gaizhenbiao
CVE-2024-9159

6.5MEDIUM

Key Information:

Vendor: Gaizhenbiao
Status: Gaizhenbiao/chuanhuchatgpt
Vendor: CVE Published:; 20 March 2025

🔔 Create Gaizhenbiao Vulnerability Alert

What is CVE-2024-9159?

An improper authorization vulnerability in ChuanhuChatGPT allows any user to restart the server without appropriate permission checks. This leads to a potential complete outage of the service, as critical functions are not adequately secured against misuse. Adequate administrative safeguards need to be implemented to prevent unauthorized access to server control functions.

Affected Version(s)

gaizhenbiao/chuanhuchatgpt <= unspecified

References

https://huntr.com/bounties/ab0f8fbb-c17a-45a7-8dab-7d4c8b...

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Sep 24, 2024