CVE-2024-6037 | Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt
Exp
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root directory (C: dir). This can lead to uncontrolled resource consumption, resulting in resource exhaustion, denial of service (DoS), server unavailability, and potential data loss or corruption.
Conclusion & alert: CVE-2024-6037 is rated High Exploit Risk (89.7/100): CVSS Critical severity, with high exploitation likelihood (EPSS 10.61%, 95th percentile).Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +5.95% over the last day, indicating growing attacker interest.Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Public exploit references (Exploit-DB) for CVE-2024-6037
Exploit prediction scoring system (EPSS) score for CVE-2024-6037
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).