GPT Academic allows arbitary file read by tarfile uncompress within softlink

GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for soft links. An attacker can create a malicious file as a soft link pointing to a target file, then package this soft link file into a tar.gz file and upload it. Subsequently, when accessing the decompressed file from the server, the soft link will point to the target file on the victim server. The vulnerability allows attackers to read all files on the server.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

在文件访问前对链接解析不恰当(链接跟随)

GPT Academic 后置链接漏洞

GPT Academic是binary-husky个人开发者的一个为 GPT/GLM 等 LLM 大语言模型提供实用化交互的接口。 GPT Academic 3.91及之前版本存在后置链接漏洞，该漏洞源于未正确处理软链接，从而导致任意文件读取。

N/A

N/A