CVE-2024-5186

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-5186
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information. Specifically, by manipulating the 'path' parameter in a file upload request, an attacker can cause the application to make arbitrary requests to internal services, including the AWS metadata endpoint. This issue could lead to the exposure of internal servers and sensitive data.

8.3 /10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Exploitability : 3.9 / Impact : 3.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://huntr.com/bounties/5f421645-3546-4a67-a421-ee1bc4b6e3a3
Configurations

No configuration.

History

07 Jun 2024, 14:56

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en la sección de carga de archivos de imartinez/privategpt versión 0.5.0. Esta vulnerabilidad permite a los atacantes enviar solicitudes manipuladas que podrían resultar en acceso no autorizado a la red local e información potencialmente confidencial. Específicamente, al manipular el parámetro 'ruta' en una solicitud de carga de archivos, un atacante puede hacer que la aplicación realice solicitudes arbitrarias a servicios internos, incluido el endpoint de metadatos de AWS. Este problema podría provocar la exposición de servidores internos y datos confidenciales.

06 Jun 2024, 19:16

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-06 19:16

Updated : 2024-06-07 14:56

NVD link : CVE-2024-5186

Mitre link : CVE-2024-5186

CVE.ORG link : CVE-2024-5186

JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)