CVE-2024-11030

7.5 HIGH

📋 TL;DR

GPT Academic version 3.83 contains a Server-Side Request Forgery (SSRF) vulnerability in its HotReload plugin function. An attacker who can reach the web UI can make the Gradio web server fetch attacker-chosen internal or external resources from the server's own network position, using whatever credentials and network trust the server holds. Every deployment running the vulnerable version is affected.
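To make the vulnerability class concrete, the following is an added illustration (not gpt_academic's code) of the unsafe pattern behind this kind of SSRF, next to a guard that validates the scheme, host and resolved address before any request is made. The function names, the stub resolver and the address classes are assumptions; the guard rejects link-local (which covers 169.254.169.254), RFC 1918, loopback, CGNAT and IPv4-mapped IPv6 addresses.

```python
import ipaddress
import socket
import urllib.request
from urllib.parse import urlparse

# Added illustration of the SSRF pattern and a guard for it. None of this is
# gpt_academic's code; function names and the resolver hook are assumptions.


def unsafe_fetch(url: str) -> bytes:
    """Vulnerable pattern: the user-supplied URL goes straight to the HTTP client,
    so 'http://169.254.169.254/' or 'http://10.0.0.5:8080/' are fetched from the
    server's own network position."""
    with urllib.request.urlopen(url) as resp:  # no scheme, host or address checks
        return resp.read()


def is_internal(ip_str: str) -> bool:
    """True for addresses an attacker wants the server to reach on their behalf:
    RFC 1918, loopback, link-local (includes 169.254.169.254), CGNAT, reserved."""
    ip = ipaddress.ip_address(ip_str)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped  # '::ffff:127.0.0.1' is still loopback
    cgnat = ipaddress.ip_network("100.64.0.0/10")  # not covered by is_private
    return (ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved
            or ip.is_multicast or ip.is_unspecified
            or (ip.version == 4 and ip in cgnat))


def default_resolve(host: str) -> str:
    """Resolve a hostname once. The caller must connect to the returned address and
    not re-resolve the name, or a DNS-rebinding attacker can swap in an internal
    address after the check has passed."""
    return socket.getaddrinfo(host, None)[0][4][0]


def check_target(url: str, resolve=default_resolve) -> tuple[str, str, int]:
    """Hardened counterpart: validate scheme, host and resolved address before any
    request is issued. Returns (host, ip, port) to pin the connection to, or raises
    ValueError. Must be applied again to every redirect hop."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials in URL not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        ip = str(ipaddress.ip_address(host))  # literal address: no DNS lookup
    except ValueError:
        ip = resolve(host)  # covers names and shorthand like '127.1'
    if is_internal(ip):
        raise ValueError(f"{host} resolves to internal address {ip}")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    return host, ip, port
```

The HTTP client that consumes the returned tuple must open the socket to the pinned IP while still sending the original Host header (and SNI for HTTPS), and must not follow redirects automatically: each Location header has to go back through check_target, otherwise an external host can bounce the server to an internal address.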

💻 Affected Systems

Products:
  • GPT Academic
Versions: 3.83
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects deployments with the HotReload plugin enabled, which is part of the default installation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker reaches sensitive internal systems (admin interfaces, databases, cloud metadata), exfiltrates data, or pivots to other hosts, using the server's network position and any credentials or network trust it holds.

🟠 Likely Case

Unauthorized requests to internal web services or to cloud instance metadata endpoints (169.254.169.254 and equivalents), disclosing configuration, tokens or instance credentials.

🟢 If Mitigated

Limited impact if egress from the server is restricted and internal resources require authentication rather than trusting network reachability alone.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ Yes
Complexity: MEDIUM

Exploitation requires network reach to the GPT Academic web interface and knowledge of the vulnerable plugin endpoint. GPT Academic ships with AUTHENTICATION empty (no login), and a base score of 7.5 for an SSRF corresponds to a vector with no privileges required, so any client that can reach the UI can trigger the request.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 3.84 or later

Vendor Advisory: https://huntr.com/bounties/729d9928-c28a-40fd-8a86-bb4ca2984bba

Restart Required: Yes (the running Gradio process keeps executing the old code until it is restarted)

Instructions:

1. Update GPT Academic to version 3.84 or later (pull the tagged release, or rebuild the container image the deployment runs from).
2. Restart the Gradio process so the updated code is loaded.
3. Verify the update by checking the version number shown in the interface or in the deployment's version information.

🔧 Temporary Workarounds

Disable HotReload Plugin (applies to: all platforms)

Temporarily disable the vulnerable HotReload plugin to prevent exploitation: modify the configuration to turn off HotReload functionality, then confirm the plugin is no longer exposed in the interface.

Network Restriction (applies to: all platforms)

Restrict outbound connections from the GPT Academic server: configure host or perimeter firewall rules to block outbound HTTP/HTTPS except to the services the deployment needs (for example the LLM API endpoints it is configured to use), and explicitly deny traffic from the server to RFC 1918 ranges and cloud metadata endpoints (169.254.169.254) unless it genuinely requires them.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the GPT Academic server
  • Deploy a web application firewall (WAF) with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Check if running GPT Academic version 3.83 with HotReload plugin enabled.

Check Version:

Check the GPT Academic interface or configuration files for version information

Verify Fix Applied:

Verify the version is 3.84 or later, then retest the HotReload plugin with a controlled payload: supply a URL that points at an internal address or at a listener you control, and confirm the server no longer issues the request.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from the GPT Academic server
  • Requests to internal IP addresses or metadata services

Network Indicators:

  • HTTP requests from GPT Academic server to unexpected destinations
  • Requests to cloud metadata endpoints (169.254.169.254, etc.)

SIEM Query:

source="gpt-academic-logs" AND (dest_ip IN private_ranges OR dest_ip="169.254.169.254")

(Pseudo-query: replace private_ranges with your SIEM's CIDR match for 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 and fc00::/7, and add any other metadata endpoints your cloud provider uses.)
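The query above is vendor-neutral. As an added example that is not part of the original page, here is the same detection logic in Python, run over constructed egress-log lines from the GPT Academic host. The log format ("timestamp source destination:port"), the source address and the metadata endpoint list are assumptions; hostnames that were not resolved at log time are reported separately rather than silently ignored.

```python
import ipaddress

# Constructed sample egress log, not real data: one line per outbound connection
# from the GPT Academic host (assumed to be 10.0.3.7), in an assumed
# "timestamp source destination:port" format.
SAMPLE_LOG = """\
2024-11-01T10:00:01Z 10.0.3.7 93.184.216.34:443
2024-11-01T10:00:04Z 10.0.3.7 169.254.169.254:80
2024-11-01T10:00:05Z 10.0.3.7 10.0.1.20:8080
2024-11-01T10:00:06Z 10.0.3.7 172.16.5.9:6379
2024-11-01T10:00:09Z 10.0.3.7 [fd00::1]:443
2024-11-01T10:00:10Z 10.0.3.7 api.openai.com:443
"""

# Instance metadata services: AWS/Azure/GCP IPv4, AWS IPv6, Alibaba Cloud.
METADATA_ENDPOINTS = {"169.254.169.254", "fd00:ec2::254", "100.100.100.200"}


def parse_dst(field: str) -> tuple[str, int]:
    """Split 'host:port' or '[v6addr]:port' into (host, port)."""
    host, _, port = field.rpartition(":")
    return host.strip("[]"), int(port)


def classify(dst_host: str) -> str:
    """metadata > internal > external; 'hostname' means no IP was logged, so
    the line needs DNS enrichment before it can be judged."""
    if dst_host in METADATA_ENDPOINTS:
        return "metadata"
    try:
        ip = ipaddress.ip_address(dst_host)
    except ValueError:
        return "hostname"
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "internal"
    return "external"


def ssrf_alerts(log_text: str) -> list[dict]:
    """Return one alert per connection whose destination is a metadata endpoint or
    an internal address, preserving log order so the first hit is visible."""
    alerts = []
    for line in log_text.splitlines():
        ts, src, dst = line.split()
        host, port = parse_dst(dst)
        verdict = classify(host)
        if verdict in ("metadata", "internal"):
            alerts.append({"ts": ts, "src": src, "dst": host,
                           "port": port, "reason": verdict})
    return alerts


def unresolved_hosts(log_text: str) -> list[str]:
    """Destinations logged by name; these must be resolved (or the egress proxy
    configured to log the connected IP) before the detection is complete."""
    names = []
    for line in log_text.splitlines():
        host, _ = parse_dst(line.split()[2])
        if classify(host) == "hostname":
            names.append(host)
    return names
```

Treat any "metadata" hit as high severity on its own: a legitimate GPT Academic deployment has no reason to talk to the instance metadata service after startup. The "hostname" bucket is the blind spot to close first, because a logging pipeline that records names but not connected addresses cannot tell whether a name resolved to an internal target.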

🔗 References
