CVE-2024-5982
- Reference to the description:
- Description: A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the load_chat_history function in modules/models/base_model.py allows arbitrary file uploads, potentially leading to remote code execution (RCE). The get_history_names function in utils.py permits arbitrary directory creation. Additionally, the load_template function in utils.py can be exploited to leak the first column of CSV files. These issues stem from improper sanitization of user inputs concatenated with directory paths using os.path.join.
- Last updated date: 11/14/2024
- Type: exploit
- Confidence: HIGH
- Date of publishing: 11/14/2024
- Reference URL to background:
https://huntr.com/bounties/5d5c5356-e893-44d1-b5ca-642aa05d96bb
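
The description attributes all three issues to user input joined onto a directory with os.path.join. The following is an added example, not code from chuanhuchatgpt or the huntr report, showing that pattern beside a containment check; the function names, directory layout and sample file names are hypothetical and constructed for illustration.

```python
import os
import tempfile


def naive_join(base_dir, user_name):
    # The pattern the description names: user input joined to a directory unchecked.
    # os.path.join discards base_dir entirely when user_name is absolute.
    return os.path.join(base_dir, user_name)


def safe_join(base_dir, user_name):
    """Return the resolved path for user_name inside base_dir, or raise ValueError."""
    base = os.path.realpath(base_dir)
    # realpath collapses ".." segments and resolves symlinks before the comparison.
    candidate = os.path.realpath(os.path.join(base, user_name))
    # commonpath compares whole path components, so a sibling such as
    # "history_evil" is not mistaken for "history" (a startswith check would be).
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes {base_dir!r}: {user_name!r}")
    return candidate


def classify(base_dir, names):
    """Map each name to 'ok' or 'rejected' according to safe_join."""
    results = {}
    for name in names:
        try:
            safe_join(base_dir, name)
            results[name] = "ok"
        except ValueError:
            results[name] = "rejected"
    return results


# Constructed sample inputs (not taken from the report).
SAMPLES = ["chat1.json", "sub/chat2.json", "../outside.json",
           "/etc/hostname", "a/../../b.json", "../history_evil/x.json"]


def demo():
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "history")
        os.makedirs(base)
        return classify(base, SAMPLES)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:9} {name}")
```

The check belongs at every point where a user-supplied name becomes a filesystem path, before any open, makedirs or save call.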