CVE-2024-4941

7.5 HIGH

📋 TL;DR

This CVE describes a local file inclusion vulnerability in gradio-app/gradio version 4.25. The JSON component's postprocess() function does not check the shape of the value it is handed, so a JSON object carrying a 'path' key can be treated as a reference to a file on the server and that file is read. An attacker who can get such an object into a gr.JSON component (for example through an application that passes user-controlled JSON to a JSON output) can read any file the Gradio process has permission to read. Any application built on the vulnerable version that uses the JSON component is affected.

💻 Affected Systems

Products:
  • gradio-app/gradio
Versions: Version 4.25 specifically
Operating Systems: All operating systems running gradio
Default Config Vulnerable: ⚠️ Yes
Notes: Requires JSON component usage; any Gradio application that lets attacker-influenced data reach a gr.JSON component is affected.

📦 What is this software?

Gradio is an open-source Python library for building browser-based user interfaces around machine-learning models and arbitrary Python functions. It is widely used to publish model demos (including on Hugging Face Spaces), so many deployments are exposed directly to the internet and run with little surrounding hardening.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Disclosure of sensitive server files such as /etc/passwd, SSH private keys, application configuration, or database credentials; the stolen secrets are then used for lateral movement or data exfiltration.

🟠 Likely Case

Unauthorized reading of application source, configuration data, or user-uploaded files in directories the Gradio process can read.

🟢 If Mitigated

With the Gradio process running as a low-privilege user, strict file permissions and network segmentation, exposure is limited to non-sensitive application files.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation consists of getting a JSON object with a crafted 'path' key into a vulnerable JSON component; no authentication is needed beyond whatever the Gradio application itself enforces (often none). A proof-of-concept exists in the public references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Any release that includes commit ee1e2942e0a1ae84a08a05464e41c8108a03fa9c (i.e. later than 4.25)

Vendor Advisory: https://github.com/gradio-app/gradio/commit/ee1e2942e0a1ae84a08a05464e41c8108a03fa9c

Restart Required: Yes

Instructions:

1. Update gradio: pip install --upgrade gradio
2. Verify the installed version is later than 4.25 (pip show gradio | grep Version).
3. Restart every Gradio application, including the process manager or container that runs it, so the new code is actually loaded.

🔧 Temporary Workarounds

Disable JSON component (applies to: all platforms)

Remove or disable gr.JSON components from Gradio applications if they are not required; in particular, do not return attacker-influenced data through a JSON output.

Input validation middleware (applies to: all platforms)

Validate and sanitize JSON before it reaches a JSON component: reject, or strip, any object that carries a 'path' key (the key the vulnerable postprocess() mistakes for a file reference), at every nesting depth, not just at the top level.
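One way to implement that validation step, as an added example that is not Gradio project code and not from the original advisory: a filter that walks a decoded JSON value, finds every dict carrying a 'path' key at any depth, and either rejects the payload or strips the key. It assumes (per the description above) that a dict with a 'path' key is the only shape the vulnerable postprocess() misreads; the guard_json_output decorator and the SAMPLE payload are illustrative and constructed, not part of any Gradio API.

```python
"""Added example (not Gradio project code): reject or strip JSON values that
Gradio 4.25's JSON component could mistake for file references.

Assumption (not from the advisory): the marker the vulnerable postprocess()
keys on is a dict carrying a "path" key, at any nesting depth, so that is
what this filter hunts for. guard_json_output is illustrative glue, not a
Gradio API: apply it to the function you hand to gr.Interface / gr.Blocks.
"""
from __future__ import annotations

import copy
import functools
import json
from typing import Any, Iterator


class UnsafeJSONError(ValueError):
    """Raised in "reject" mode when a file-like object is found."""


def find_file_like_dicts(value: Any, trail: str = "$") -> Iterator[tuple[str, dict]]:
    """Yield (json_path, dict) for every dict with a 'path' key, at any depth."""
    if isinstance(value, dict):
        if "path" in value:
            yield trail, value
        for key, child in value.items():
            yield from find_file_like_dicts(child, f"{trail}.{key}")
    elif isinstance(value, list):
        for idx, child in enumerate(value):
            yield from find_file_like_dicts(child, f"{trail}[{idx}]")


def sanitize(value: Any, mode: str = "reject") -> Any:
    """Return a copy of `value` that is safe to hand to a gr.JSON output.

    mode="reject": raise UnsafeJSONError naming the offending location(s).
    mode="strip":  drop the 'path' key from each offending dict instead.
    """
    if mode not in ("reject", "strip"):
        raise ValueError(f"unknown mode {mode!r}")
    cleaned = copy.deepcopy(value)          # never mutate the caller's data
    hits = list(find_file_like_dicts(cleaned))
    if not hits:
        return cleaned
    if mode == "reject":
        where = ", ".join(path for path, _ in hits)
        raise UnsafeJSONError(f"file-like object(s) at {where}")
    for _, obj in hits:
        del obj["path"]                     # obj belongs to the deep copy
    return cleaned


def sanitize_json_text(text: str, mode: str = "reject") -> Any:
    """Parse raw JSON text (e.g. from a gr.Textbox) and sanitize the result."""
    return sanitize(json.loads(text), mode)


def guard_json_output(fn, mode: str = "reject"):
    """Decorator: sanitize whatever `fn` returns before Gradio postprocesses it.

    Illustrative wrapper (assumption, not a Gradio API). Wrap the function
    whose return value feeds a gr.JSON component.
    """
    @functools.wraps(fn)
    def wrapper(*args, **kwargs):
        return sanitize(fn(*args, **kwargs), mode)
    return wrapper


# Constructed sample: a benign record plus an attacker-shaped "attachment".
SAMPLE = {"user": "bob", "attachment": {"path": "/etc/passwd", "orig_name": "x"}}
```

Use "reject" mode where a legitimate payload never needs a 'path' key (it also gives you a log line per attempt); use "strip" mode where the application must keep serving and a missing key is acceptable. The filter runs on the value going out to the JSON component, which is the point at which postprocess() would misinterpret it.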

🧯 If You Can't Patch

  • Run the Gradio process as a dedicated low-privilege user and restrict file system permissions so that only the files the application needs are readable to it
  • Deploy network segmentation and WAF rules that block JSON bodies containing a 'path' key with an absolute or traversing path, and /file= requests for paths outside the Gradio cache directory

🔍 How to Verify

Check if Vulnerable:

Check whether the installed release is 4.25 (or older, which the upgrade step above also rules out): run 'pip show gradio' in the deployed environment, or inspect the package metadata of the container image or virtualenv that actually serves the app.

Check Version:

pip show gradio | grep Version

Verify Fix Applied:

Confirm the installed version is later than 4.25. Then, in a test environment, send a JSON object with a 'path' key pointing at a harmless file of known contents through a gr.JSON component and confirm that the file's contents are not exposed in the response.
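A small audit script for the version check, added here as an example rather than taken from the advisory or from Gradio: it reads the installed 'gradio' distribution version via importlib.metadata and applies the page's own criterion (anything not later than 4.25 needs the upgrade), which deliberately also flags releases older than 4.25 rather than assuming they are safe.

```python
"""Added example (not Gradio project code): report whether the installed
Gradio is at or below the affected 4.25 release.

Follows the advisory's upgrade criterion ("verify version is >4.25"):
any major.minor of 4.25 or lower is reported as needing the upgrade.
Assumes the PyPI distribution name "gradio".
"""
from __future__ import annotations

import re
from importlib import metadata

AFFECTED = (4, 25)  # the advisory pins the affected release at 4.25

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'X.Y' or 'X.Y.Z'; pre-release suffixes such as 4.26.0rc1 are tolerated."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def needs_upgrade(version: str) -> bool:
    """True when major.minor <= 4.25, i.e. not past the affected release."""
    major, minor, _ = parse_version(version)
    return (major, minor) <= AFFECTED


def installed_gradio_version() -> str | None:
    """Version string of the installed 'gradio' distribution, or None."""
    try:
        return metadata.version("gradio")
    except metadata.PackageNotFoundError:
        return None


def audit() -> str:
    """Human-readable verdict for the current environment."""
    version = installed_gradio_version()
    if version is None:
        return "gradio is not installed in this environment"
    verdict = "NEEDS UPGRADE (CVE-2024-4941)" if needs_upgrade(version) else "later than 4.25"
    return f"gradio {version}: {verdict}"


if __name__ == "__main__":
    print(audit())
```

Run it with the same interpreter that serves the application (inside the container or virtualenv), otherwise it reports on the wrong environment.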

📡 Detection & Monitoring

Log Indicators:

  • The Gradio process opening files outside its application and cache directories (e.g. /etc, home directories, .ssh)
  • JSON payloads containing a 'path' key whose value is an absolute system path or contains traversal sequences

Network Indicators:

  • HTTP requests to /file= whose path lies outside the Gradio cache directory (absolute system paths such as /etc/passwd, or ../ sequences, possibly percent-encoded)
  • JSON POST requests to the prediction API whose bodies contain 'path' keys with traversal or absolute paths

SIEM Query:

source="gradio" AND (json.path=* OR file_access=*)

(Template query; map the source and field names onto your own log schema.)
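The network indicators above run over access logs can be expressed as a small detector. The following is an added example, not code from the advisory or from Gradio: it parses uvicorn-style access lines (Gradio serves through uvicorn), decodes the /file= target, and flags traversal, absolute paths outside the cache directory, and sensitive file names. It assumes the cache lives under /tmp/gradio/ (adjust cache_prefixes if GRADIO_TEMP_DIR is set), and the SAMPLE_LOG lines are constructed for the example. Request bodies are not in access logs, so the JSON-body indicator needs a proxy or WAF with body logging and is not covered here.

```python
"""Added example (not Gradio project code): flag suspicious /file= requests in
uvicorn-style access logs from a Gradio app.

Assumptions: lines look like uvicorn's default access log
    INFO:     <client>:<port> - "<METHOD> <target> HTTP/1.1" <status> <reason>
and legitimately served files live under the Gradio cache directory, taken
here as /tmp/gradio/ (pass cache_prefixes if GRADIO_TEMP_DIR differs).
SAMPLE_LOG is constructed for this example.
"""
from __future__ import annotations

import posixpath
import re
from urllib.parse import unquote

ACCESS_RE = re.compile(
    r'(?P<client>\S+):\d+ - "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Names a demo app should never serve; extend for your environment.
SENSITIVE_MARKERS = ("/etc/passwd", "/etc/shadow", "/.ssh/", "id_rsa", "/.env", "/proc/")


def decode_target(target: str) -> str:
    """Undo (repeated) percent-encoding so ..%252F.. is caught as well."""
    prev, cur = None, target
    while cur != prev:
        prev, cur = cur, unquote(cur)
    return cur


def suspicious_file_request(target: str, cache_prefixes=("/tmp/gradio/",)) -> list[str]:
    """Return the reasons a /file= target looks like file-read abuse ([] if benign)."""
    if not target.startswith("/file="):
        return []
    raw = decode_target(target[len("/file="):]).split("?", 1)[0]
    reasons = []
    if ".." in raw.split("/"):
        reasons.append("path traversal")
    normalized = posixpath.normpath(raw)
    if raw.startswith("/") and not any(normalized.startswith(p) for p in cache_prefixes):
        reasons.append("absolute path outside Gradio cache")
    if any(marker in normalized for marker in SENSITIVE_MARKERS):
        reasons.append("sensitive file name")
    return reasons


def scan_access_log(lines) -> list[dict]:
    """Parse access-log lines and return one finding per suspicious /file= request."""
    findings = []
    for line in lines:
        m = ACCESS_RE.search(line)
        if not m:
            continue
        reasons = suspicious_file_request(m["target"])
        if reasons:
            findings.append({
                "client": m["client"],
                "target": m["target"],
                "status": int(m["status"]),   # 200 on a flagged path = likely success
                "reasons": reasons,
            })
    return findings


# Constructed sample lines: one benign cache hit, three abuse attempts, one unrelated POST.
SAMPLE_LOG = [
    'INFO:     10.0.0.5:44312 - "GET /file=/tmp/gradio/3f9a1c/output.json HTTP/1.1" 200 OK',
    'INFO:     203.0.113.7:51020 - "GET /file=/etc/passwd HTTP/1.1" 200 OK',
    'INFO:     203.0.113.7:51021 - "GET /file=..%2F..%2F..%2Fetc%2Fshadow HTTP/1.1" 403 Forbidden',
    'INFO:     10.0.0.9:33001 - "POST /api/predict HTTP/1.1" 200 OK',
    'INFO:     203.0.113.7:51022 - "GET /file=/home/app/.ssh/id_rsa HTTP/1.1" 200 OK',
]

if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

A flagged request that returned 200 is the one to escalate: it means the server handed the file over, so treat the named file as disclosed and rotate any credentials it held.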
