{"id": "CVE-2024-47867", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 2.1, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "LOW", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "LOW", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability":
"NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-10T23:15:02.640", "references": [{"url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-8c87-gvhj-xm8m", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-345"}]}], "descriptions": [{"lang": "en", "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which the FRP client is downloaded, they could modify the binary without detection, as the Gradio server does not verify the file's checksum or signature. Any users utilizing the Gradio server's sharing mechanism that downloads the FRP client could be affected by this vulnerability, especially those relying on the executable binary for secure data tunneling. There is no direct workaround for this issue without upgrading. However, users can manually validate the integrity of the downloaded FRP client by implementing checksum or signature verification in their own environment to ensure the binary hasn't been tampered with."}], "lastModified": "2024-11-15T16:44:54.783", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*", "vulnerable": true, "matchCriteriaId": "32D191C7-095C-427B-832D-C63FE4D4A037", "versionEndExcluding": "5.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}
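The description above says the downloaded FRP client was saved and run with no checksum or signature check, and that users can add such a check themselves. The following is an added Python example written for this page, not Gradio's own code or its fix for CVE-2024-47867: it shows the vulnerable download pattern next to a hardened one that streams the download through SHA-256, compares the digest in constant time against a value pinned in the caller's own code, and only then moves the file into place with execute permission. The `PINNED_SHA256` table, the file names and the `FAKE_FRPC_*` byte strings that stand in for a real download are constructed for the demonstration and are not real FRP release digests.

```python
"""Added example (not Gradio's code): verify a downloaded helper binary against a
pinned SHA-256 digest before it is installed or executed.

The fake binaries and digests below are constructed for this demonstration."""
import hashlib
import hmac
import os
import tempfile
from pathlib import Path
from typing import Callable, Dict, Iterable

# Constructed stand-ins for the real FRP client download (good copy and a tampered copy).
FAKE_FRPC_LINUX = b"\x7fELF" + b"frpc-linux-amd64 demo payload " * 8
FAKE_FRPC_TAMPERED = FAKE_FRPC_LINUX[:-1] + b"!"

# Pinned digests. In real use these come from a release you vetted and live in your own
# code or config, never on the same server the binary is fetched from (an attacker who
# controls that origin could replace both the binary and a co-hosted checksum file).
PINNED_SHA256: Dict[str, str] = {
    "frpc_linux_amd64": hashlib.sha256(FAKE_FRPC_LINUX).hexdigest(),  # constructed value
}


class IntegrityError(RuntimeError):
    """Raised when the downloaded bytes do not match the pinned digest."""


def sha256_of_chunks(chunks: Iterable[bytes]) -> str:
    """Hash a stream of byte chunks without holding the whole file in memory."""
    h = hashlib.sha256()
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()


def fetch_unverified(fetch: Callable[[], Iterable[bytes]], dest: Path) -> Path:
    """Vulnerable pattern: whatever the origin returns is saved and marked executable."""
    with open(dest, "wb") as f:
        for chunk in fetch():
            f.write(chunk)
    dest.chmod(0o755)
    return dest


def fetch_verified(fetch: Callable[[], Iterable[bytes]], dest: Path, expected_sha256: str) -> Path:
    """Hardened pattern: hash while streaming into a temp file in the target directory,
    compare in constant time, and atomically rename into place only on a match."""
    h = hashlib.sha256()
    fd, tmp_name = tempfile.mkstemp(dir=dest.parent, prefix=".frpc-")
    tmp = Path(tmp_name)
    try:
        with os.fdopen(fd, "wb") as f:
            for chunk in fetch():
                h.update(chunk)
                f.write(chunk)
        actual = h.hexdigest()
        if not hmac.compare_digest(actual, expected_sha256.lower()):
            raise IntegrityError(f"sha256 mismatch: expected {expected_sha256}, got {actual}")
        tmp.chmod(0o755)
        os.replace(tmp, dest)  # dest is never a half-written or unverified file
    finally:
        if tmp.exists():  # only true on the failure path; the rename consumed it otherwise
            tmp.unlink()
    return dest


def run_demo() -> Dict[str, bool]:
    """Exercise both patterns against the good and the tampered stand-in binaries."""
    good = lambda: [FAKE_FRPC_LINUX[i:i + 64] for i in range(0, len(FAKE_FRPC_LINUX), 64)]
    bad = lambda: [FAKE_FRPC_TAMPERED]
    pinned = PINNED_SHA256["frpc_linux_amd64"]
    results: Dict[str, bool] = {}
    with tempfile.TemporaryDirectory() as d:
        workdir = Path(d)
        results["unverified_accepts_tampered"] = fetch_unverified(bad, workdir / "frpc_unverified").exists()
        good_path = fetch_verified(good, workdir / "frpc_good", pinned)
        results["verified_accepts_good"] = good_path.exists()
        results["verified_file_intact"] = good_path.read_bytes() == FAKE_FRPC_LINUX
        try:
            fetch_verified(bad, workdir / "frpc_bad", pinned)
            results["verified_rejects_tampered"] = False
        except IntegrityError:
            # Rejected, and no executable was left behind for something else to run.
            results["verified_rejects_tampered"] = not (workdir / "frpc_bad").exists()
    return results


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name}: {ok}")
```

Two points the CVE text implies but does not spell out: the pinned digest has to be obtained out of band (from a release you checked, stored in your code or configuration), because a checksum served from the same origin as the binary gives an attacker who controls that origin nothing to defeat; and where the upstream project publishes release signatures, verifying the signature with a key you already hold is stronger than a bare digest, since it also survives a compromised download mirror that serves a consistent binary-and-checksum pair.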