Security Advisory

CVE-2024-1183

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-16 00:00:14

Last updated 2024-08-01 18:33:24

Assigner @huntr_ai

State PUBLISHED

Description

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the file parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a Location header or a File not allowed error in the response.

← Browse all CVEs View on cve.org ↗