CVE-2024-10648
Path Traversal vulnerability in gradio (PyPI)
What is CVE-2024-10648 About?
A path traversal vulnerability in the Gradio Audio component allows attackers to control the output format of audio files. This can be exploited to delete arbitrary file content, leading to a denial of service (DoS) on the server. Exploitation involves manipulating the output format parameter; achieving deletion of a specific file's content is of moderate complexity.
Affected Software
Technical Details
The vulnerability exists in the Gradio Audio component of gradio-app/gradio, specifically in versions up to git commit 98cbcae. It stems from improper sanitization or validation of user-controlled input related to the audio file's output format. An attacker can supply a format value that includes path traversal sequences (e.g., `../`). When the server processes this manipulated format, instead of writing an audio file to the expected location, it effectively targets an arbitrary file on the system. The 'arbitrary file content deletion' aspect indicates that, by pointing the output path at a target file, the operation meant to write audio data instead overwrites that file with empty or corrupted content, 'resetting' it to an empty file and causing a denial of service by rendering it unusable.
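To illustrate the class of defect described above and a corresponding mitigation, the following added example (not Gradio's own code) contrasts a hypothetical path builder that splices an unchecked format string into the filename with a hardened variant that allowlists the format and verifies the final path stays inside the output directory; the allowlist and directory names are constructed for the example.

```python
import posixpath

# Constructed allowlist for the example; the formats the real component
# accepts are not stated in the advisory.
ALLOWED_AUDIO_FORMATS = frozenset({"wav", "mp3", "ogg", "flac"})


class UnsafeFormatError(ValueError):
    """Raised when a requested output format or path fails validation."""


def naive_output_path(output_dir: str, stem: str, fmt: str) -> str:
    """Pattern of the kind the advisory describes (hypothetical, not Gradio's
    code): the user-controlled format is spliced into the filename unchecked,
    so a value containing '../' can normalise to a path outside output_dir."""
    return posixpath.normpath(posixpath.join(output_dir, f"{stem}.{fmt}"))


def is_contained(output_dir: str, candidate: str) -> bool:
    """True when the normalised candidate lies strictly inside output_dir.
    Purely lexical; a deployment should also resolve symlinks (realpath)."""
    base = posixpath.normpath(output_dir)
    return posixpath.commonpath([base, candidate]) == base and candidate != base


def safe_output_path(output_dir: str, stem: str, fmt: str) -> str:
    """Hardened variant: allowlist the format, then confirm the final path
    is still inside output_dir before any file is opened for writing."""
    fmt = fmt.lower()
    if fmt not in ALLOWED_AUDIO_FORMATS:
        raise UnsafeFormatError(f"unsupported audio format: {fmt!r}")
    target = posixpath.normpath(posixpath.join(output_dir, f"{stem}.{fmt}"))
    # Defence in depth: reject any escape even after the allowlist passed,
    # e.g. a stem that itself carries separators or '..'.
    if not is_contained(output_dir, target):
        raise UnsafeFormatError(f"output path escapes {output_dir}: {target}")
    return target


if __name__ == "__main__":
    out = "/srv/gradio_out"
    # Unchecked format escapes the directory: /srv/etc/target
    print(naive_output_path(out, "clip", "/../../etc/target"))
    # Validated format stays inside it: /srv/gradio_out/clip.wav
    print(safe_output_path(out, "clip", "wav"))
```

The allowlist is the primary control; the containment check catches escapes via any other user-influenced path component.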
What is the Impact of CVE-2024-10648?
Successful exploitation may allow attackers to cause a denial of service (DoS) by deleting arbitrary file content on the server, disrupting the availability of services or integrity of data.
What is the Exploitability of CVE-2024-10648?
Exploitation of this path traversal vulnerability would require an attacker to send crafted requests to the Gradio Audio component, manipulating parameters related to audio file output formats. The complexity level is moderate, as it requires knowledge of the underlying file system structure and precise path manipulation. No authentication requirement is mentioned, so the flaw may be reachable by unauthenticated users when the audio component is publicly accessible, or otherwise by authenticated users. This is likely a remote exploitation scenario, allowing an attacker to impact the server's file system. The main risk factor is an exposed Gradio instance processing user-controlled audio inputs.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2024-10648?
Available Upgrade Options
- No fixes available
Additional Resources
- https://github.com/gradio-app/gradio
- https://huntr.com/bounties/667d664d-8189-458c-8ed7-483fe8f33c76
- https://osv.dev/vulnerability/GHSA-pgfv-gvc5-prfg
- https://github.com/gradio-app/gradio/blame/98cbcaef827de7267462ccba180c7b2ffb1e825d/gradio/processing_utils.py#L234
- https://nvd.nist.gov/vuln/detail/CVE-2024-10648
What are Similar Vulnerabilities to CVE-2024-10648?
Similar Vulnerabilities: CVE-2024-21626, CVE-2023-28825, CVE-2022-29007, CVE-2021-41221, CVE-2020-5259
