Описание
An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a complete loss of availability. The issue arises because the function responsible for restarting the server is not properly guarded by an admin check.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:2024-12-04:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00093
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 6.5
github
11 месяцев назад
An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a complete loss of availability. The issue arises because the function responsible for restarting the server is not properly guarded by an admin check.
EPSS
Процентиль: 26%
0.00093
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-863