关联漏洞
标题:
Gradio 安全漏洞
(CVE-2024-1561)
描述:Gradio是一个开源 Python 库,是通过友好的 Web 界面演示机器学习模型的方法。 Gradio 存在安全漏洞,该漏洞源于端点不正确地允许调用类上的任何方法,允许未经授权的本地文件读取访问,可能导致敏感信息泄露。
描述
Nuclei Templates
介绍
# CVE-2024-1561 Nuclei Template
This Nuclei template is designed to detect the Gradio CVE-2024-1561 vulnerability in web applications. Gradio is a Python library for creating customizable UI components around machine learning models. This vulnerability may allow attackers to read files from the server.
### Running the template
Clone this repository to your local machine and run using the `-t` flag:
```bash
git clone https://github.com/DiabloHTB/Nuclei-Template-CVE-2024-1561
cd Nuclei-Template-CVE-2024-1561
nuclei -target <URL> -t CVE-2024-1561.yaml
```
Example:
```bash
┌──(gradio-env)─(diablo㉿diablo)-[~/gradio]
└─$ nuclei -target http://127.0.0.1:7860 -t CVE-2024-1561.yaml
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.2.6
projectdiscovery.io
[INF] Current nuclei version: v3.2.6 (outdated)
[INF] Current nuclei-templates version: v9.8.6 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 65
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[CVE-2024-1561] [http] [high] http://127.0.0.1:7860/file=/tmp/gradio/83bbb89b677a9cca3d271a392fa1aa2a10853c32/passwd
```
### PoC
The template tests for `/etc/passwd` presence matching with `root` user.
To fully exploit the target check the following :
https://huntr.com/bounties/4acf584e-2fe8-490e-878d-2d9bf2698338
https://github.com/DiabloHTB/CVE-2024-1561
Disclaimer
This template is provided for educational and informational purposes only. Usage of this template for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this template.
文件快照
[4.0K] /data/pocs/1936b71f9f1ddda2a31cccc32a6fbc6c85827b93
├── [1.8K] CVE-2024-1561.yaml
└── [1.9K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。