CVE-2024-4325 Information
Description
A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0 specifically within the /queue/join endpoint and the save_url_to_cache function. The vulnerability arises when the path value obtained from the user and expected to be a URL is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint thereby compromising the security of internal servers.
Reference
https://huntr.com/bounties/b34f084b-7d14-4f00-bc10-048a3a5aaf88
A
Server-Side
Request
Forgery
(SSRF)
vulnerability
exists
in
the
gradio-app/gradio
version
4.21.0
specifically
within
the
/queue/join
endpoint
and
the
save_url_to_cache
function.
The
vulnerability
arises
when
the
path
value
obtained
from
the
user
and
expected
to
be
a
URL
is
used
to
make
an
HTTP
request
without
sufficient
validation
checks.
This
flaw
allows
an
attacker
to
send
crafted
requests
that
could
lead
to
unauthorized
access
to
the
local
network
or
the
AWS
metadata
endpoint
thereby
compromising
the
security
of
internal
servers.