CVE-2024-12390

High · Public PoC

Published: 20 March 2025

Modified: 15 October 2025
CVSS Score v3: 8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0291 (86.7th percentile)
Risk Priority: 19 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-12390 is a high-severity Link Following (CWE-59) vulnerability in Binary-Husky Gpt Academic. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Cron (T1053.003). The CVE ranks in the top 13.3% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

Vulnerability details

A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Python rarfile module, which supports symlinks, can be exploited to perform arbitrary file writes. This can lead to remote code execution by writing to sensitive files such as SSH keys, crontab files, or the application's own code.
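
A pre-extraction check of the kind the missing validation calls for, as an added example (not code from gpt_academic or from this advisory). It assumes each archive entry exposes `filename` and `is_symlink()`, as the rarfile module's `RarInfo` objects do; the `Member` class, the function names, the destination path and the sample listing are constructed for illustration.

```python
import os
from dataclasses import dataclass


@dataclass
class Member:
    """Constructed stand-in for one archive entry (mirrors rarfile.RarInfo)."""
    filename: str
    symlink: bool = False

    def is_symlink(self) -> bool:
        return self.symlink


def check_members(members, dest_dir):
    """Return (safe, rejected); rejected is a list of (filename, reason)."""
    root = os.path.realpath(dest_dir)
    safe, rejected = [], []
    for m in members:
        name = m.filename.replace("\\", "/")
        if m.is_symlink():
            rejected.append((m.filename, "symlink entry"))
            continue
        if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
            rejected.append((m.filename, "absolute path"))
            continue
        # realpath also resolves symlinks already on disk under dest_dir
        target = os.path.realpath(os.path.join(root, name))
        if os.path.commonpath([root, target]) != root:
            rejected.append((m.filename, "escapes destination"))
            continue
        safe.append(m)
    return safe, rejected


def demo():
    # Constructed listing: one ordinary file and three entries to refuse.
    listing = [
        Member("paper/main.tex"),
        Member("paper/out", symlink=True),
        Member("../../etc/cron.d/job"),
        Member("/root/.ssh/authorized_keys"),
    ]
    return check_members(listing, "/tmp/upload_extract")


if __name__ == "__main__":
    safe, rejected = demo()
    for name, reason in rejected:
        print(f"rejected {name}: {reason}")
```

Refusing the whole archive when any entry is rejected is the stricter policy; if extraction proceeds, only the entries in `safe` should be passed to the extractor.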

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1053.003 Cron (Execution)
Adversaries may abuse the cron utility to perform task scheduling for initial or recurring execution of malicious code.
T1098.004 SSH Authorized Keys (Persistence)
Adversaries may modify the SSH authorized_keys file to maintain persistence on a victim host.
T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability enables remote exploitation of a public-facing application (T1190) via improper RAR extraction that allows symlink-based arbitrary file writes, which facilitates persistence through cron job modification (T1053.003) and the addition of SSH authorized keys (T1098.004).

Affected Assets

binary-husky
gpt academic
2024-10-15

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
