CVE-2024-2206

Published: Mar 27, 2024Modified: Jul 29, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitability: 3.9 / Impact: 2.5

Source: NVD

Description

An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function.

Affected (1)

Products: Gradio Project: Gradio

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gradio Project Gradio	From 3.47.1 to 4.18.0

Related CWEs

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (4)

https://github.com/gradio-app/gradio/commit/49d9c48537aa706bf72628e3640389470138bdc6

Source: security@huntr.dev

Patch

https://huntr.com/bounties/2286c1ed-b889-45d6-adda-7014ea06d98e

Source: security@huntr.dev

ExploitThird Party Advisory

https://github.com/gradio-app/gradio/commit/49d9c48537aa706bf72628e3640389470138bdc6

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://huntr.com/bounties/2286c1ed-b889-45d6-adda-7014ea06d98e

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.