POC详情: 4ef55a6346ee6fb00aa21566161df6fa7cdc3b06

来源
https://github.com/Secsys-FDU/CVE-2025-51868
关联漏洞
标题: Dippy 安全漏洞 (CVE-2025-51868)
描述:Dippy是Dippy公司的一个AI聊天网站。 Dippy v2版本存在安全漏洞,该漏洞源于对conversation_id参数访问控制不当,可能导致敏感信息泄露。
介绍
# CVE-2025-51868
## Vulnerability description

   Dippyis a popular website to chat with millions of proactive AI characters. Dippy allows users to chat with characters based on LLM, which is vulnerable to Insecure Direct Object Reference (IDOR) in its chat component. An attacker can exploit this IDOR to tamper other users' conversation.

## Attack Vectors

   Conversation histories for all users are stored on the server. However, Dippy's server does not distinguish the ownership or sharing status of individual conversation histories. Consequently, an attacker can access other users' conversation histories by brute-forcing the conversation IDs.

   The conversation ID format is predictable and susceptible to brute-force attacks. It consists of an 8-character string. This string is composed of digits (e.g., `12345678`). When an attacker request this url with attacker's Authorization and GET method, he can then check the conversation history in POC.

   ![Figure 1 POC IDOR](./figure1.png)

## Vulnerability affected

   This vulnerability can have an impact on any user of https://chat.dippy.ai. The Chat history of user will be maliciously modified with leaked conversation_id.
文件快照

 [4.0K]  /data/pocs/4ef55a6346ee6fb00aa21566161df6fa7cdc3b06
├── [355K]  figure1.png
└── [1.2K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。