POC详情: 50fda70f1e1c047ed1820c4d919c9f2c2fd75580

来源
https://github.com/yuanmeng-MINGI/CVE-2024-1728
关联漏洞
标题: gradio 路径遍历漏洞 (CVE-2024-1728)
描述:Gradio是一个开源 Python 库,是通过友好的 Web 界面演示机器学习模型的方法。 gradio存在路径遍历漏洞,该漏洞源于对用户提供的输入验证不正确。
描述
CVE-2024-1728 POC
介绍
# CVE-2024-1728
CVE-2024-1728 POC
A serious vulnerability has been discovered in Gradio versions 4.19.1 and below. The unknown code of the UploadButton component is affected by this issue. Upgrading to version 4.19.2 can eliminate this vulnerability. Applying patch 16fbe9cd0cffa9f2a824a0165beb43446114eec7 can solve this problem. The repair program is ready to be downloaded on GitHub. The best recommended mitigation measure is to upgrade to the latest version.

Note: This POC is not responsible for your network attack behavior
文件快照

 [4.0K]  /data/pocs/50fda70f1e1c047ed1820c4d919c9f2c2fd75580
├── [380K]  CVE-2024-1728-main.zip
└── [ 532]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。