Description

A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as critical application files, SSH keys, API keys, and configuration values.

INFO

Published Date :

2024-10-17T18:12:06.622Z

Last Modified :

2025-04-04T14:46:58.848Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-10100 vulnerability.

Vendors Products
Binary-husky
  • Gpt Academic
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10100.

URL Resource
https://huntr.com/bounties/e58a0fb4-2b1d-49ef-b32e-bb62659a6f99 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact