CVE-2024-8524

HighPublic PoC

Published: 20 March 2025

Published

20 March 2025

Modified

15 October 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0093 76.2th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-8524 is a high-severity Path Traversal (CWE-22) vulnerability in Modelscope Agentscope. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 23.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly prevents directory traversal exploitation by enforcing input validation on crafted POST requests to the /read-examples endpoint in modelscope/agentscope.

SI-2 Flaw Remediation good match

preventrecover

Mandates identification, reporting, and correction of the specific directory traversal flaw (CVE-2024-8524) in modelscope/agentscope version 0.0.4.

SC-7 Boundary Protection partial match

preventdetect

Boundary protection mechanisms inspect and block network traffic containing directory traversal payloads targeting the exposed /read-examples endpoint.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

Remote unauthenticated directory traversal in exposed web endpoint directly enables exploitation of public-facing application (T1190) and arbitrary local file reads for data collection (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

Deeper analysisAI

CVE-2024-8524 is a directory traversal vulnerability (CWE-22) affecting modelscope/agentscope version 0.0.4. The flaw allows an attacker to read arbitrary local JSON files on the server by sending a specially crafted POST request to the /read-examples endpoint. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with network accessibility, low attack complexity, and no requirements for privileges or user interaction.

Any unauthenticated remote attacker can exploit this vulnerability over the network without privileges. By crafting a malicious POST request to the exposed /read-examples endpoint, the attacker can traverse directories and access sensitive JSON files anywhere on the local filesystem, potentially exposing configuration data, credentials, or other confidential information stored in JSON format.

Details on mitigation, including any patches or workarounds, are available in the advisory published on Huntr at https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f. Security practitioners should review this reference for remediation steps specific to modelscope/agentscope.