CVE-2024-10650

NONE EPSS 47.3%
Published Mar 20, 20251y ago · Modified Jun 17, 20261w ago
Find Similar
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups with 10 characters in a line, with multiple lines. This can cause the system to continuously process these characters, resulting in prolonged unavailability of the service. The exploitation now requires low privilege if authentication is enabled due to a version upgrade in Gradio.

Threat Intelligence

EPSS Exploit Probability
47.3% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-770

Affected Products 1

VendorProductVersionRange
gaizhenbiaochuanhuchatgpt20240918any

References 1

  • huntr.com https://huntr.com/bounties/f820371d-a878-44bf-b1fd-2d837dd58eb4
    ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.