CVE-2024-10950

8.8 HIGH

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code on servers running vulnerable versions of binary-husky/gpt_academic through prompt injection in the CodeInterpreter plugin. Installations running version 3.83 or earlier are affected, and exploitation can lead to complete server compromise.

💻 Affected Systems

Products:
  • binary-husky/gpt_academic
Versions: <= 3.83
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists when CodeInterpreter plugin is enabled and processing user prompts.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full remote code execution leading to complete server takeover, data exfiltration, lateral movement, and persistent backdoor installation.

🟠 Likely Case

Attacker gains shell access to the application server, allowing file system access, credential theft, and further exploitation of the environment.

🟢 If Mitigated

Limited impact with proper network segmentation and least privilege controls, potentially containing damage to isolated application components.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to submit prompts to the CodeInterpreter plugin. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: > 3.83

Vendor Advisory: https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866

Restart Required: No

Instructions:

1. Update to latest version of gpt_academic (post 3.83).
2. Verify CodeInterpreter plugin has proper sandboxing implemented.
3. Test functionality after update.

🔧 Temporary Workarounds

Disable CodeInterpreter Plugin (platform: all)

Temporarily disable the vulnerable plugin until patching is possible.

Modify configuration to disable CodeInterpreter plugin

Implement Input Validation (platform: all)

Add strict input validation and sanitization for prompts before processing.

Implement prompt validation rules in application code

🧯 If You Can't Patch

  • Implement network segmentation to isolate the vulnerable application from critical systems
  • Deploy application-level firewall with rules to detect and block suspicious prompt patterns

🔍 How to Verify

Check if Vulnerable:

Check gpt_academic version and verify if CodeInterpreter plugin is enabled in configuration.

Check Version:

Check package version or application metadata for version number

Verify Fix Applied:

Confirm version is > 3.83 and test CodeInterpreter functionality with safe prompts.

📡 Detection & Monitoring

Log Indicators:

  • Unusual prompt patterns in CodeInterpreter logs
  • Unexpected process execution from application context
  • Error messages related to code execution failures

Network Indicators:

  • Outbound connections from application server to unexpected destinations
  • Unusual network traffic patterns from application

SIEM Query:

source="gpt_academic" AND (event="code_execution" OR event="plugin_error")
