CVE-2024-4321

7.5 HIGH

📋 TL;DR

A Local File Inclusion vulnerability in gaizhenbiao/chuanhuchatgpt version 20240310 allows attackers to read arbitrary files on the server by manipulating the 'name' parameter during chat history upload. This can expose sensitive information like API keys and private data. Only users running the specific vulnerable version are affected.

💻 Affected Systems

Products:
  • gaizhenbiao/chuanhuchatgpt
Versions: 20240310
Operating Systems: All platforms running the vulnerable application
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific version mentioned; earlier or later versions may not be vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise through reading sensitive configuration files, credential theft, and potential privilege escalation.

🟠 Likely Case: Information disclosure of API keys, configuration files, and user data stored on the server.

🟢 If Mitigated: Limited impact with proper file permissions and input validation in place.

🌐 Internet-Facing: HIGH - The vulnerability can be exploited remotely via HTTP requests.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this if they have network access to the application.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires intercepting and modifying HTTP requests, but the vulnerability itself is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 20240310 (check repository for latest)

Vendor Advisory: https://huntr.com/bounties/19a16f8e-3d92-498f-abc9-8686005f067e

Restart Required: Yes

Instructions:

1. Update to the latest version from the official repository.
2. Restart the application.
3. Verify the fix by testing the vulnerable endpoint.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all platforms)

Implement server-side validation to restrict file paths to allowed directories only.

Implement path traversal filters in the upload handler code
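The following is an added example of the server-side filter described above; it is not code from the chuanhuchatgpt project. It assumes a hypothetical history directory (`HISTORY_ROOT`) and treats the uploaded 'name' as a single filename component, rejecting separators outright and then confirming that the resolved path still lies under the allowed directory.

```python
from pathlib import Path

# Hypothetical base directory for stored chat histories (an assumption for this
# example, not the project's real path).
HISTORY_ROOT = Path("/srv/chuanhu/history").resolve()


def resolve_history_path(name: str, root: Path = HISTORY_ROOT) -> Path:
    """Return the absolute path for a chat-history filename, or raise ValueError
    if the name would escape `root`.

    Two layers: a syntactic check (a history name must be one path component,
    so any separator or NUL byte is rejected) and a semantic check (resolve the
    candidate and require that it is still inside the allowed directory).
    """
    if not name or name != name.strip():
        raise ValueError("empty or whitespace-padded name")
    if any(ch in name for ch in ("/", "\\", "\0")):
        raise ValueError("path separators are not allowed in a history name")
    if name in (".", ".."):
        raise ValueError("dot names are not allowed")

    candidate = (root / name).resolve()
    try:
        # relative_to raises ValueError when candidate is not under root,
        # which also catches symlink tricks that resolve() follows.
        candidate.relative_to(root)
    except ValueError:
        raise ValueError("name escapes the history directory") from None
    return candidate


def is_safe_history_name(name: str) -> bool:
    """Boolean wrapper for request handlers that only need accept/reject."""
    try:
        resolve_history_path(name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for sample in ("session-2024-03-10.json", "../../etc/passwd", "..", "a\\b.json"):
        print(f"{sample!r}: {'accepted' if is_safe_history_name(sample) else 'rejected'}")
```

Rejecting separators before resolving is deliberate: a filter that only checks for the literal string `../` misses backslashes and encoded forms, whereas requiring a single path component leaves nothing to bypass. The `relative_to` check is the backstop for anything that slips through the first test.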

File Permission Restriction (applies to: linux)

Set strict file permissions on sensitive directories to prevent unauthorized reads.

chmod 600 /path/to/sensitive/files
chown root:root /path/to/sensitive/files

🧯 If You Can't Patch

  • Disable the chat history upload functionality entirely.
  • Implement a web application firewall (WAF) with LFI protection rules.

🔍 How to Verify

Check if Vulnerable:

Test by attempting to read /etc/passwd or other known files via the chat history upload endpoint with a manipulated 'name' parameter.

Check Version:

Check the application version in its configuration or via the interface if available.

Verify Fix Applied:

Attempt the same exploitation test after patching; it should return an error or fail to read unauthorized files.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path patterns in upload requests
  • Multiple failed attempts to access sensitive files

Network Indicators:

  • HTTP requests with path traversal sequences (../) in parameters

SIEM Query:

source="web_logs" AND (uri_path="*upload*" AND param_name="name" AND param_value="*../*")
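The SIEM query above matches only a literal `../` in the parameter value. As an added example (not from the page or the project), the Python below applies the same log and network indicators to access-log lines, but percent-decodes the 'name' value repeatedly so that encoded and double-encoded traversal sequences are also flagged, and records the HTTP status so a successful read (200) can be triaged ahead of blocked attempts. The log lines are constructed samples in common access-log format, and the `/upload` path and query-string placement of 'name' are assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines for this example; not from any real deployment.
SAMPLE_LOGS = [
    '10.0.0.5 - - [10/Mar/2024:12:00:01 +0000] "POST /upload?name=chat1.json HTTP/1.1" 200 512',
    '10.0.0.9 - - [10/Mar/2024:12:00:02 +0000] "POST /upload?name=../../etc/passwd HTTP/1.1" 200 1024',
    '10.0.0.9 - - [10/Mar/2024:12:00:03 +0000] "POST /upload?name=%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 403 0',
    '10.0.0.7 - - [10/Mar/2024:12:00:04 +0000] "GET /static/app.js HTTP/1.1" 200 2048',
]

# Minimal combined-log-format parser: source IP, timestamp, method, request target, status.
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." path component bounded by a separator or the string edge.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')


def decode_fully(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so double-encoded sequences (%252e) are caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_uploads(lines, param="name", path_fragment="upload"):
    """Return one record per request whose upload-endpoint `param` contains a
    traversal sequence after decoding. Backslashes are normalised to '/' so
    Windows-style separators are treated the same way."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than crash
        parts = urlsplit(m.group("target"))
        if path_fragment not in parts.path:
            continue
        # parse_qs already decodes once; decode_fully handles further layers.
        for raw in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            value = decode_fully(raw).replace("\\", "/")
            if TRAVERSAL_RE.search(value):
                hits.append({
                    "src": m.group("src"),
                    "ts": m.group("ts"),
                    "status": int(m.group("status")),
                    "name": value,
                })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_uploads(SAMPLE_LOGS):
        flag = "SUCCESSFUL READ?" if hit["status"] == 200 else "blocked"
        print(f"{hit['ts']} {hit['src']} name={hit['name']!r} status={hit['status']} {flag}")
```

If the application receives 'name' in a multipart body rather than the query string, standard access logs will not contain it; in that case the same decoding and matching logic needs to run in the application log or a WAF that inspects request bodies, which is where the page's WAF workaround applies.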

🔗 References