CVE-2024-10986

Exploit

EPSS 0.75%
Veröffentlicht 20.03.2025 10:10:55
Zuletzt bearbeitet 15.10.2025 13:15:38
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

Local File Read (LFI) by Tarslip Symlink via arxiv_download() API in binary-husky/gpt_academic

GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its HotReload function. This function can download and extract tar.gz files from arxiv.org. Despite implementing protections against path traversal, the application overlooks the Tarslip triggered by symlinks. This oversight allows attackers to read arbitrary local files from the victim server.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Binary-husky ≫ Gpt Academic Version3.83

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.75%	0.501

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@huntr.dev	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://huntr.com/bounties/db2167f5-f17f-491d-aeec-69ba55bf6427

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-10986

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-10986

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-10986

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-10986