ByteOS Network

NVD Vulnerability Details :

CVE-2024-5822

Analyzed

Source-security@huntr.dev

Published At-27 Jun, 2024 | 19:15

Updated At-15 Jul, 2025 | 15:34

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <= ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attackers to send crafted requests from the vulnerable server to internal or external resources, potentially bypassing security controls and accessing sensitive data.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.0	7.3	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.0

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CPE Matches

gaizhenbiao>>chuanhuchatgpt>>20240410

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240410:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-918	Secondary	security@huntr.dev

CWE ID: CWE-918

Type: Secondary

Source: security@huntr.dev

References

Hyperlink	Source	Resource
https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5	security@huntr.dev	Exploit Third Party Advisory
https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory

Hyperlink: https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5

Source: security@huntr.dev

Resource:

Exploit

Third Party Advisory

Hyperlink: https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Exploit

Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History