Home

Description

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory (C: dir). This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service (DoS), server unavailability, and potential data loss or corruption.

PUBLISHED Reserved 2024-06-15 | Published 2024-07-10 | Updated 2025-10-15 | Assigner @huntr_ai




HIGH: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-770 Allocation of Resources Without Limits or Throttling

Product status

Any version before 20240918
affected

References

huntr.com/bounties/eca6904f-f9fd-40c8-9e85-96f54daf405e

huntr.com/bounties/eca6904f-f9fd-40c8-9e85-96f54daf405e

github.com/...ommit/71cb89c4c948dae5aaa0ae64b98f98e3965bdb37

cve.org (CVE-2024-6037)

nvd.nist.gov (CVE-2024-6037)

Download JSON