← volver
CVE-2024-27564

CVE-2024-27564

CVSS 5.8 MEDIUMEPSS 40.6%CWE-918
Vexday Risk Score
40Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 5.8EPSS 40.6%KEV nãoPoC Nuclei simMetasploit Patch
Ciclo de vida
05 mar 2024Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Productos afectados
dirk1983 · mm1.ltd source code

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/dirk1983/chatgpt/issues/114https://web.archive.org/save/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/README.mdhttps://web.archive.org/save/https://github.com/dirk1983/chatgpt/issues/114https://web.archive.org/web/20250320031248/https://mm1.ltd/https://web.archive.org/web/20250320032559/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/pictureproxy.php