CVE-2024-12390
Published: 20 March 2025
Summary
CVE-2024-12390 is a high-severity Link Following (CWE-59) vulnerability in Binary-Husky Gpt Academic. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Cron (T1053.003). The CVE is ranked in the top 13.3% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-7004
Vulnerability details
A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Python rarfile module, which supports symlinks, can be exploited to perform arbitrary file writes. This can lead to remote code execution by writing to sensitive files such as SSH keys, crontab files, or the application's own code.
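A defensive pre-extraction check for the pattern described above, added here as an example (it is not code from gpt_academic or the rarfile project): it refuses symlink entries, anything nested under them, and paths that resolve outside the destination directory. It assumes archive members expose the `filename` attribute and `is_symlink()` method that `rarfile.RarInfo` provides, and uses a constructed stand-in so it runs without the library.

```python
import os
from dataclasses import dataclass

@dataclass
class Member:
    """Constructed stand-in for rarfile.RarInfo (only .filename / .is_symlink() are used)."""
    filename: str
    symlink: bool = False
    def is_symlink(self):
        return self.symlink

def safe_target(dest_dir, name):
    """Absolute path the member would land on, or None if it leaves dest_dir."""
    dest = os.path.realpath(dest_dir)
    name = name.replace("\\", "/")  # archives may carry Windows separators
    if not name or os.path.isabs(name):
        return None
    target = os.path.realpath(os.path.join(dest, name))
    return target if os.path.commonpath([dest, target]) == dest else None

def vet_members(dest_dir, members):
    """Split members into extractable names and (name, reason) rejections."""
    ok, rejected, link_dirs = [], [], []
    for m in members:
        name = m.filename.replace("\\", "/").rstrip("/")
        if m.is_symlink():
            # A symlink may point outside dest_dir, so it and anything beneath it are skipped.
            link_dirs.append(name)
            rejected.append((m.filename, "symlink entry"))
        elif any(name.startswith(d + "/") for d in link_dirs):
            rejected.append((m.filename, "placed under a symlink entry"))
        elif safe_target(dest_dir, name) is None:
            rejected.append((m.filename, "path escapes destination"))
        else:
            ok.append(m.filename)
    return ok, rejected

def safe_extractall(archive, dest_dir):
    """Extract only vetted members; archive needs infolist() and extract(name, path=...) like rarfile.RarFile."""
    ok, rejected = vet_members(dest_dir, archive.infolist())
    for name in ok:
        archive.extract(name, path=dest_dir)
    return rejected

SAMPLE_MEMBERS = [  # constructed listing showing the pattern the advisory describes
    Member("paper/notes.txt"),
    Member("out", symlink=True),        # would point at a directory outside dest_dir
    Member("out/authorized_keys"),      # written through the link if extracted
    Member("../.ssh/authorized_keys"),  # plain traversal
]
```

With the real library, `safe_extractall(rarfile.RarFile(path), dest_dir)` replaces a bare `extractall()` call and returns what was refused, which is worth logging on an upload endpoint.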
- CWE(s): CWE-59 (Link Following)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables remote exploitation of a public-facing application (T1190): improper RAR extraction allows symlink-based arbitrary file writes, which can establish persistence through cron job modification (T1053.003) or the addition of SSH authorized keys (T1098.004).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.