CVE-2024-6036
CVSS V2 None
CVSS V3 None
Description
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the `/queue/join?` endpoint with `"fn_index":66`. This unrestricted server restart capability can severely disrupt service availability, cause data loss or corruption, and potentially compromise system integrity.
Overview
- CVE ID
- CVE-2024-6036
- Assigner
- @huntr_ai
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-10T22:57:33.930Z
- Last Modified Date
- 2024-07-10T22:57:33.930Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://huntr.com/bounties/e9eaaea9-5750-4955-9142-2f12ad4b06db |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-6036 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6036 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-11 13:09:54 | Added to TrackCVE |