We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-6036

Denial of Service in gaizhenbiao/chuanhuchatgpt



Description

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the `/queue/join?` endpoint with `"fn_index":66`. This unrestricted server restart capability can severely disrupt service availability, cause data loss or corruption, and potentially compromise system integrity.

Reserved 2024-06-15 | Published 2024-07-10 | Updated 2024-08-01 | Assigner @huntr_ai


HIGH: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-400 Uncontrolled Resource Consumption

Product status

Any version
affected

References

huntr.com/bounties/e9eaaea9-5750-4955-9142-2f12ad4b06db

cve.org (CVE-2024-6036)

nvd.nist.gov (CVE-2024-6036)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-6036

Support options

Helpdesk Chat, Email, Knowledgebase