CVE-2024-5936

6.1 MEDIUM

📋 TL;DR

An open redirect vulnerability in imartinez/privategpt version 0.5.0 allows attackers to redirect users to malicious websites by manipulating the 'file' parameter. This can lead to phishing attacks, malware distribution, and credential theft. Users of PrivateGPT 0.5.0 are affected.

💻 Affected Systems

Products:
  • imartinez/privategpt
Versions: 0.5.0
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects PrivateGPT version 0.5.0; other versions are not vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users are redirected to sophisticated phishing sites that steal credentials or install malware, leading to full account compromise or system infection.

🟠 Likely Case

Attackers use the redirect for phishing campaigns to harvest user credentials or distribute low-level malware.

🟢 If Mitigated

With proper input validation, users are protected from malicious redirects, maintaining normal application functionality.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a link) but is technically simple.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.5.1 or later

Vendor Advisory: https://github.com/imartinez/privategpt/security/advisories

Restart Required: Yes

Instructions:

1. Update PrivateGPT to version 0.5.1 or later.
2. Restart the application.
3. Verify the fix by testing redirect functionality.

🔧 Temporary Workarounds

Input Validation Filter (platform: all)

Implement server-side validation to restrict the 'file' parameter to allowed URLs or domains.

This requires modifying the application source code to validate and sanitize the 'file' parameter input.

🧯 If You Can't Patch

  • Implement a web application firewall (WAF) rule to block malicious redirect patterns.
  • Educate users to avoid clicking on untrusted links from the application.

🔍 How to Verify

Check if Vulnerable:

Test by accessing the application with a crafted 'file' parameter containing an external URL and check whether a redirect to that URL occurs.

Check Version:

Check the application version in the UI or run 'privategpt --version' if available.

Verify Fix Applied:

After patching, repeat the test; the application should not redirect to external malicious URLs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual redirect patterns in access logs, especially requests whose 'file' parameter contains an external URL.

Network Indicators:

  • Outbound HTTP requests to unexpected domains following application access.

SIEM Query:

source="privategpt_logs" AND url="*file=*" AND (url="*http://*" OR url="*https://*")
