Cyber Resilience

CVE-2024-10956

HighPublic PoC

Published: 20 March 2025

Published
20 March 2025
Modified
15 July 2025
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
EPSS Score 0.0008 24.1th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-10956 is a high-severity Origin Validation Error (CWE-346) vulnerability in Binary-Husky Gpt Academic. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 24.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-23 (Session Authenticity).

Deeper analysis

CVE-2024-10956 is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability affecting GPT Academy version 3.83 in the binary-husky/gpt_academic GitHub repository. The flaw stems from insufficient WebSocket authentication and lack of origin validation, enabling attackers to hijack existing WebSocket connections between a victim's browser and the server. It carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N) and is associated with CWE-346 (Origin Validation Error).

An attacker can exploit this vulnerability without privileges by tricking a victim into visiting a malicious webpage via social engineering or other means requiring user interaction. Once the victim loads the attacker's page, it hijacks the active WebSocket connection to the GPT Academy server, allowing unauthorized actions such as deleting the victim's conversation history without consent. This results in high integrity impact with low confidentiality impact and no availability disruption.

Mitigation details and additional technical analysis are provided in the Huntr advisory at https://huntr.com/bounties/0f8403ad-5f60-4eb9-9f51-8fbd2e41eda4.

EU & UK References

Vulnerability details

GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This vulnerability allows an attacker to hijack an existing WebSocket connection between the victim's browser and the server, enabling unauthorized actions such as deleting conversation…

more

history without the victim's consent. The issue arises due to insufficient WebSocket authentication and lack of origin validation.

CWE(s)

AI Security AnalysisAI

AI Category
LLM Application Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: gpt

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

CVE-2024-10956 is a CSWSH vulnerability in a public-facing web application (GPT Academy), enabling attackers to exploit lack of WebSocket origin validation and authentication to hijack connections from victims' browsers and perform unauthorized actions like deleting data.

CVEs Like This One

CVE-2024-11031Same product: Binary-Husky Gpt Academic
CVE-2025-25185Same product: Binary-Husky Gpt Academic
CVE-2024-11030Same product: Binary-Husky Gpt Academic
CVE-2024-10819Same product: Binary-Husky Gpt Academic
CVE-2026-0762Same product: Binary-Husky Gpt Academic
CVE-2026-0764Same product: Binary-Husky Gpt Academic
CVE-2026-0763Same product: Binary-Husky Gpt Academic
CVE-2026-6662Shared CWE-346
CVE-2025-1102Shared CWE-346
CVE-2026-6508Shared CWE-346

Affected Assets

binary-husky
gpt academic
3.83

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly protects the authenticity of WebSocket communications sessions, mitigating CSWSH by requiring validation of origin and authentication to prevent hijacking.

prevent

Enforces approved authorizations for access to WebSocket resources, addressing insufficient WebSocket authentication to block unauthorized actions.

prevent

Validates information inputs such as Origin headers during WebSocket handshakes, directly countering the lack of origin validation exploited in this CVE.

References