
[Security Issue]: Open Redirect Vulnerability in Text Generation WebUI via Gradio (CVE-2024-4940) #6574

2024-scable opened this issue Dec 13, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@2024-scable

Describe the bug

An Open Redirect vulnerability has been identified in the text-generation-webui project. The issue stems from improper validation of the file parameter in Gradio (versions ≤ 4.36.1). This allows an attacker to redirect users to malicious external URLs. The vulnerability is tracked as CVE-2024-4940.

Bug Description

When the file parameter is supplied with an external URL, the application treats it as a valid file path without validation, leading to unintended redirection to the specified URL.

Workaround

1. Update your Gradio version
   • It is important to update Gradio to the latest 4.37.1 or later, as this vulnerability can occur in Gradio versions 4.36.1 and earlier.
   • To do so, use the following command: `pip install gradio >= 4.37.1`
2. Validate external URLs
   • We need to add external URL validation logic for values passed to the gr.File() component in the ui function. This allows us to check whether the URL is a local file path or an external URL, and block external URLs for added security.

Is there an existing issue for this?

  • I have searched the existing issues

Reproduction

1. Launch the text-generation-webui.

2. Access the web interface through a browser.

3. Provide an external URL as the file parameter, such as `http://127.0.0.1:7860/file=https://google.com`

4. Observe that the application redirects to the external URL (https://google.com) instead of rejecting the input.

Comment

The vulnerability arises from insufficient validation in the gr.File() component of Gradio. Specifically, the ui() function in /extensions/superbooga/script.py processes the file parameter as a local file path without validation, enabling redirection to attacker-controlled URLs.

Screenshot

Steps to reproduce the issue:

Access the interface and input an external URL:
Observe the redirection:

Logs

- File: `/extensions/superbooga/script.py`, line: 241
- Function: `ui()`

```python
import gradio as gr


def ui():
    with gr.Tab("File input"):
        # The value of this component is what the issue says is used as a file path without validation
        file_input = gr.File(label='Input file', type='binary')
        update_file = gr.Button('Load data')
```

System Info

Operating System: Windows 11 Pro
GPU Brand/Model: NVIDIA RTX 3080
Gradio Version: 4.26.0
text-generation-webui Version: latest (as of Dec 2024)
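As an added example that is not part of the original issue, nor of the text-generation-webui or Gradio code, here is a defensive check of the kind the workaround's second step describes: it accepts a value only if it resolves to a file under an upload root and rejects anything with a URL scheme or host (including scheme-relative forms) or that escapes the root. The function name `is_safe_local_path` and the root directory are assumptions.

```python
# Added example (not from text-generation-webui or Gradio). Validates a value
# destined for a file component before it is treated as a local file path.
from pathlib import Path
from urllib.parse import urlsplit


def is_safe_local_path(value: str, allowed_root: str) -> bool:
    """Return True only if `value` names a file strictly inside `allowed_root`.

    Rejects:
      - anything with a scheme or network location (https://..., //host/..., file:///...),
        which is the shape of the `file=https://google.com` input in the issue;
      - absolute paths and '..' sequences that resolve outside the root.
    `allowed_root` is an assumed, caller-chosen directory.
    """
    if not value:
        return False
    parts = urlsplit(value)
    # A scheme or netloc means this is a URL, not a bare relative path.
    # A Windows drive letter ("C:\\...") also parses as a one-letter scheme
    # and is rejected here as well, since it is an absolute location.
    if parts.scheme or parts.netloc:
        return False
    root = Path(allowed_root).resolve()
    # Joining an absolute path discards `root`, so resolve() exposes escapes
    # by both absolute paths and '..' components.
    candidate = (root / value).resolve()
    # Strict ancestry: the root itself ("." or "") is not an acceptable file.
    return root in candidate.parents
```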
@2024-scable 2024-scable added the bug Something isn't working label Dec 13, 2024
oobabooga added a commit that referenced this issue Dec 14, 2024
oobabooga added a commit that referenced this issue Dec 14, 2024
oobabooga added a commit that referenced this issue Dec 15, 2024
@2024-scable 2024-scable changed the title [Security Issue]: Open Redirect Vulnerability in Text Generation Webui via Gradio (CVE-2024-4940) [Security Issue]: Open Redirect Vulnerability in Text Generation WebUI via Gradio (CVE-2024-4940) Dec 16, 2024