CVE-2024-1727 (GCVE-0-2024-1727)

Vulnerability from cvelistv5 – Published: 2024-03-21 19:57 – Updated: 2024-08-01 18:48
VLAI?
Title
CSRF Vulnerability in gradio-app/gradio
Summary
A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete the system's disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.
Severity ?
4.3 (Medium)
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE
  • CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
Vendor Product Version
gradio-app gradio-app/gradio Affected: unspecified , < 4.19.2 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gradio_project:gradio:4.16.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gradio",
            "vendor": "gradio_project",
            "versions": [
              {
                "status": "affected",
                "version": "4.16.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1727",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T16:25:33.992945Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T21:01:35.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:48:21.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gradio-app/gradio",
          "vendor": "gradio-app",
          "versions": [
            {
              "lessThan": "4.19.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim\u0027s system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim\u0027s server, an attacker can deplete the system\u0027s disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-16T11:10:19.322Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntr_ai"
      },
      "references": [
        {
          "url": "https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff"
        },
        {
          "url": "https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a"
        }
      ],
      "source": {
        "advisory": "a94d55fb-0770-4cbe-9b20-97a978a2ffff",
        "discovery": "EXTERNAL"
      },
      "title": "CSRF Vulnerability in gradio-app/gradio"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntr_ai",
    "cveId": "CVE-2024-1727",
    "datePublished": "2024-03-21T19:57:39.129Z",
    "dateReserved": "2024-02-21T21:55:06.942Z",
    "dateUpdated": "2024-08-01T18:48:21.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-1727\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2024-03-21T20:15:07.620\",\"lastModified\":\"2025-07-30T20:11:16.023\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim\u0027s system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim\u0027s server, an attacker can deplete the system\u0027s disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.\"},{\"lang\":\"es\",\"value\":\"Para evitar que sitios web maliciosos de terceros realicen solicitudes a aplicaciones de Gradio que se ejecutan localmente, este PR endurece las reglas CORS en torno a las aplicaciones de Gradio. En particular, verifica si el encabezado del host es localhost (o uno de sus alias) y, de ser as\u00ed, requiere que el encabezado de origen (si est\u00e1 presente) tambi\u00e9n sea localhost (o uno de sus alias).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*\",\"versionStartIncluding\":\"4.16.0\",\"versionEndExcluding\":\"4.19.2\",\"matchCriteriaId\":\"5823139A-4C5D-4AD8-9C8B-A8D294553405\"}]}]}],\"references\":[{\"url\":\"https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\"]},{\"url\":\"https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:48:21.951Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-1727\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-25T16:25:33.992945Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:gradio_project:gradio:4.16.0:*:*:*:*:*:*:*\"], \"vendor\": \"gradio_project\", \"product\": \"gradio\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.16.0\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-04T21:01:10.257Z\"}}], \"cna\": {\"title\": \"CSRF Vulnerability in gradio-app/gradio\", \"source\": {\"advisory\": \"a94d55fb-0770-4cbe-9b20-97a978a2ffff\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"gradio-app\", \"product\": \"gradio-app/gradio\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"4.19.2\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://huntr.com/bounties/a94d55fb-0770-4cbe-9b20-97a978a2ffff\"}, {\"url\": \"https://github.com/gradio-app/gradio/commit/84802ee6a4806c25287344dce581f9548a99834a\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio allows attackers to upload multiple large files to a victim\u0027s system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim\u0027s server, an attacker can deplete the system\u0027s disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-352\", \"description\": \"CWE-352 Cross-Site Request Forgery (CSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"shortName\": \"@huntr_ai\", \"dateUpdated\": \"2024-04-16T11:10:19.322Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-1727\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T18:48:21.951Z\", \"dateReserved\": \"2024-02-21T21:55:06.942Z\", \"assignerOrgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"datePublished\": \"2024-03-21T19:57:39.129Z\", \"assignerShortName\": \"@huntr_ai\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.