ByteOS Network

NVD Vulnerability Details :

CVE-2024-9159

Analyzed

Source-security@huntr.dev

Published At-20 Mar, 2025 | 10:15

Updated At-01 Aug, 2025 | 18:19

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a complete loss of availability. The issue arises because the function responsible for restarting the server is not properly guarded by an admin check.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.0	6.5	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CPE Matches

gaizhenbiao>>chuanhuchatgpt>>2024-12-04

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:2024-12-04:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-863	Primary	security@huntr.dev

References

Hyperlink	Source	Resource
https://huntr.com/bounties/ab0f8fbb-c17a-45a7-8dab-7d4c8b90490a	security@huntr.dev	Exploit Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History