We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-6037

Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt



Description

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory (C: dir). This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service (DoS), server unavailability, and potential data loss or corruption.

Reserved 2024-06-15 | Published 2024-07-10 | Updated 2024-08-01 | Assigner @huntr_ai


HIGH: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-400 Uncontrolled Resource Consumption

Product status

Any version
affected

References

huntr.com/bounties/eca6904f-f9fd-40c8-9e85-96f54daf405e

cve.org (CVE-2024-6037)

nvd.nist.gov (CVE-2024-6037)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-6037

Support options

Helpdesk Chat, Email, Knowledgebase