CVE-2024-11044 PoC — Stable Diffusion web UI 输入验证错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-11044.yaml

Associated Vulnerability

Title:Stable Diffusion web UI 输入验证错误漏洞 (CVE-2024-11044)
Description:Stable Diffusion web UI是AUTOMATIC1111个人开发者的一个 Web 界面。 Stable Diffusion web UI 1.10.0版本存在输入验证错误漏洞，该漏洞源于开放重定向漏洞，可能导致钓鱼攻击、恶意软件分发和凭据窃取。

Description

An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs.

File Snapshot


 id: CVE-2024-11044

info:
  name: Stable Diffusion Webui 1.10.0 - Open Redirect
  author: DhiyaneshD

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!