{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7962", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-08-19T19:03:41.087Z", "datePublished": "2024-10-29T12:47:58.697Z", "dateUpdated": "2024-10-29T13:38:20.986Z"}, "containers": {"cna": {"title": "Arbitrary File Read via Insufficient Validation in gaizhenbiao/chuanhuchatgpt", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-10-29T12:47:58.697Z"}, "descriptions": [{"lang": "en", "value": "An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except for the first line, every other line must contain commas. This vulnerability allows reading parts of format-compliant files, including code and log files, which may contain highly sensitive information such as account credentials."}], "affected": [{"vendor": "gaizhenbiao", "product": "gaizhenbiao/chuanhuchatgpt", "versions": [{"version": "unspecified", "lessThan": "20240918", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/83f0a8e1-490c-49e7-b334-02125ee0f1b1"}, {"url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/2836fd1db3efcd5ede63c0e7fbbdf677730dbb51"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-29 Path Traversal: '\\..\\filename'", "cweId": "CWE-29"}]}], "source": {"advisory": "83f0a8e1-490c-49e7-b334-02125ee0f1b1", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "gaizhenbiao", "product": "gaizhenbiao\\/chuanhuchatgpt", "cpes": ["cpe:2.3:a:gaizhenbiao:gaizhenbiao\\/chuanhuchatgpt:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "20240918", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-29T13:37:04.102669Z", "id": "CVE-2024-7962", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-29T13:38:20.986Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7962", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-29T13:37:04.102669Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:gaizhenbiao:gaizhenbiao\\/chuanhuchatgpt:*:*:*:*:*:*:*:*"], "vendor": "gaizhenbiao", "product": "gaizhenbiao\\/chuanhuchatgpt", "versions": [{"status": "affected", "version": "0", "lessThan": "20240918", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-29T13:38:13.219Z"}}], "cna": {"title": "Arbitrary File Read via Insufficient Validation in gaizhenbiao/chuanhuchatgpt", "source": {"advisory": "83f0a8e1-490c-49e7-b334-02125ee0f1b1", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "gaizhenbiao", "product": "gaizhenbiao/chuanhuchatgpt", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "20240918", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/83f0a8e1-490c-49e7-b334-02125ee0f1b1"}, {"url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/2836fd1db3efcd5ede63c0e7fbbdf677730dbb51"}], "descriptions": [{"lang": "en", "value": "An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except for the first line, every other line must contain commas. This vulnerability allows reading parts of format-compliant files, including code and log files, which may contain highly sensitive information such as account credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-29", "description": "CWE-29 Path Traversal: '\\..\\filename'"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-10-29T12:47:58.697Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7962", "state": "PUBLISHED", "dateUpdated": "2024-10-29T13:38:20.986Z", "dateReserved": "2024-08-19T19:03:41.087Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-10-29T12:47:58.697Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240628:*:*:*:*:*:*:*", "matchCriteriaId": "1FC10782-5CE4-4545-A3F3-499CB770338B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except for the first line, every other line must contain commas. This vulnerability allows reading parts of format-compliant files, including code and log files, which may contain highly sensitive information such as account credentials."}, {"lang": "es", "value": "Existe una vulnerabilidad de lectura de archivos arbitrarios en la versi\u00f3n 20240628 de gaizhenbiao/chuanhuchatgpt debido a una validaci\u00f3n insuficiente al cargar archivos de plantilla de solicitud. Un atacante puede leer cualquier archivo que coincida con criterios espec\u00edficos utilizando una ruta absoluta. El archivo no debe tener una extensi\u00f3n .json y, a excepci\u00f3n de la primera l\u00ednea, todas las dem\u00e1s l\u00edneas deben contener comas. Esta vulnerabilidad permite leer partes de archivos que cumplen con el formato, incluidos archivos de c\u00f3digo y de registro, que pueden contener informaci\u00f3n altamente confidencial, como credenciales de cuenta."}], "id": "CVE-2024-7962", "lastModified": "2024-11-01T14:19:28.453", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-29T13:15:10.557", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/2836fd1db3efcd5ede63c0e7fbbdf677730dbb51"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/83f0a8e1-490c-49e7-b334-02125ee0f1b1"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-29"}], "source": "security@huntr.dev", "type": "Secondary"}]}

{}