Vulnerability Description
pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.
CVSS Score
5.8 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dirk1983 | Chatgpt | 2023-05-23 |
Related Weaknesses (CWE)
References
- https://github.com/dirk1983/chatgpt/issues/114 (Exploit, Issue Tracking, Mitigation)
- https://web.archive.org/save/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99e
- https://web.archive.org/save/https://github.com/dirk1983/chatgpt/issues/114
- https://web.archive.org/web/20250320031248/https://mm1.ltd/
- https://web.archive.org/web/20250320032559/https://github.com/dirk1983/chatgpt/b
FAQ
What is CVE-2024-27564?
CVE-2024-27564 is a vulnerability with a CVSS score of 5.8 (MEDIUM). pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location,...
How severe is CVE-2024-27564?
CVE-2024-27564 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-27564?
Check the references section above for vendor advisories and patch information. Affected products include: Dirk1983 Chatgpt.