Detections
Analytics

Gradio < 4.19.2 Vulnerability - CVE-2024-1728

high Nessus Plugin ID 213708

Synopsis

The remote host is affected by a vulnerability.

Description

The version of Gradio installed on the remote host is prior to 4.19.2. It is, therefore, affected by a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.

 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Gradio version 4.19.2 or later.

See Also

http://www.nessus.org/u?5e786999

http://www.nessus.org/u?4d7db9c6

https://huntr.com/bounties/9bb33b71-7995-425d-91cc-2c2a2f2a068a

Plugin Details

Severity: High

ID: 213708

File Name: gradio_CVE-2024-1728.nasl

Version: 1.1

Type: local

Published: 1/10/2025

Updated: 1/10/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2024-1728

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:gradio_project:gradio

Required KB Items: installed_sw/Gradio

Patch Publication Date: 4/10/2024

Vulnerability Publication Date: 4/10/2024

Reference Information

CVE: CVE-2024-1728

CWE: CWE-22