Cyber Resilience

CVE-2024-3234

CriticalPublic PoC

Published: 06 June 2024

Published
06 June 2024
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.8396 99.3th percentile
Risk Priority 70 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-3234 is a critical-severity Path Traversal (CWE-22) vulnerability in Gaizhenbiao Chuanhuchatgpt. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 0.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as APIs and Models; in the Supply Chain and Deployment risk domain; MITRE ATLAS techniques in scope: AML.T0039, AI Model Inference API Access (AML.T0040), Obtain Capabilities (AML.T0016).

Deeper analysis

The gaizhenbiao/chuanhuchatgpt application is vulnerable to path traversal due to its reliance on an outdated version of the gradio component that is affected by CVE-2023-51449. Although the application intends to restrict user access to resources inside the web_assets folder, the gradio flaw permits bypass of those controls. The issue impacts all versions prior to the fix released on 20240305 and is tracked as CWE-22 with a CVSS 3.1 score of 9.8.

Unauthenticated remote attackers can exploit the vulnerability over the network without user interaction to read arbitrary files on the server, including config.json that stores API keys. Successful exploitation grants full read access to sensitive configuration data and can lead to further compromise of confidentiality, integrity, and availability.

The maintainers resolved the exposure in commit 6b8f7db347b390f6f8bd07ea2a4ef01a47382f00. Details of the flaw and remediation are documented in the associated huntr.com bounty report. The CVE carries a high EPSS score of 0.84 (peak 0.86), indicating substantial exploitation likelihood.

EU & UK References

Vulnerability details

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the `web_assets` folder. However, the outdated version of gradio it…

more

employs is susceptible to path traversal, as identified in CVE-2023-51449. This vulnerability allows unauthorized users to bypass the intended restrictions and access sensitive files, such as `config.json`, which contains API keys. The issue affects the latest version of chuanhuchatgpt prior to the fixed version released on 20240305.

CWE(s)

AI Security AnalysisAI

AI Category
APIs and Models
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
chuanhuchatgpt is a Gradio-based web UI application for ChatGPT/LLM interactions, classified as an other AI platform due to its role in hosting AI chat interfaces.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1083 File and Directory Discovery Discovery
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Path traversal vulnerability (CVE-2024-3234) in public-facing web app enables exploitation (T1190), file/directory discovery (T1083), collection of data from local system including config files (T1005), and access to unsecured credentials in files like API keys (T1552.001).

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0039AML.T0040: AI Model Inference API AccessAML.T0016: Obtain Capabilities

Affected Assets

gaizhenbiao
chuanhuchatgpt
≤ 20240305

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References