## https://sploitus.com/exploit?id=AE21A054-5CCE-58FA-BEA3-C9ECF0FBA5BD
# CVE-2024-1561 - Gradio Arbitrary File Read

**CVE-2024-1561** is an arbitrary file read vulnerability affecting **Gradio** versions **prior to 4.13.0**. Gradio is a popular Python framework used to quickly build web interfaces for machine learning models and AI applications.

The vulnerability exists because the `/component_server` endpoint does not properly restrict which methods of the internal `Component` class can be invoked. An attacker can abuse this behavior to call methods that were never intended to be exposed over HTTP.

One of these methods, `move_resource_to_block_cache`, allows a file from the local filesystem to be copied into Gradio's temporary cache directory. Once the file has been copied, it becomes accessible through the `/file` endpoint, allowing an attacker to retrieve its contents.

Although the vulnerability does not directly provide remote code execution, it can expose sensitive files from the server and may be leveraged to gather credentials, configuration files, API keys, tokens, or other information useful for further attacks.
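The two-step mechanism above (an unrestricted method call on `/component_server`, then a read through `/file`) gives a defender two places to look. The log triage below is an added example, not code from the original repository or from Gradio: it assumes a constructed request log with one JSON object per line (a reverse proxy that records bodies), an assumed body field `fn_name`, an assumed allowlist of legitimate component methods, and an assumed cache directory.

```python
import json
import posixpath
from typing import Iterable, List, Optional, Tuple

# Assumptions for this example: the app's legitimate server-side methods and its cache root.
ALLOWED_FNS = {"ls"}
CACHE_DIR = "/tmp/gradio"

# Constructed request log (not Gradio's own format): method, path and request body per
# line. The body field names (fn_name, data) are assumed for the example.
SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    {"method": "POST", "path": "/component_server",
     "body": json.dumps({"component_id": 3, "fn_name": "ls", "data": ["."]})},
    {"method": "POST", "path": "/component_server",
     "body": json.dumps({"component_id": 3, "fn_name": "move_resource_to_block_cache",
                         "data": "/etc/passwd"})},
    {"method": "GET", "path": "/file=/tmp/gradio/abc123/passwd", "body": ""},
    {"method": "GET", "path": "/file=/etc/shadow", "body": ""},
    {"method": "GET", "path": "/file=/tmp/gradio/../../etc/passwd", "body": ""},
    {"method": "GET", "path": "/", "body": ""},
])

def classify(record: dict) -> Optional[str]:
    """Return a finding for one request record, or None if nothing stands out."""
    method, path = record.get("method"), record.get("path", "")
    if method == "POST" and path == "/component_server":
        try:
            fn_name = json.loads(record.get("body") or "{}").get("fn_name")
        except json.JSONDecodeError:
            return "component_server: unparseable body"
        # CVE-2024-1561 pattern: a method outside the allowlist reaching the Component.
        if fn_name not in ALLOWED_FNS:
            return f"component_server: non-allowlisted method {fn_name!r}"
        return None
    if method == "GET" and path.startswith("/file="):
        requested = path[len("/file="):]
        # Normalise ".." segments before comparing against the cache root.
        if not posixpath.normpath(requested).startswith(CACHE_DIR + "/"):
            return f"file: path outside cache dir {requested!r}"
    # A /file read of something already copied into the cache looks legitimate here;
    # the component_server rule above is what catches the copy step.
    return None

def scan_log(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Run classify() over log lines; return (line number, finding) pairs."""
    findings = []
    for n, line in enumerate(lines, 1):
        if line.strip():
            label = classify(json.loads(line))
            if label:
                findings.append((n, label))
    return findings
```

Note that the cached copy read on line 3 of the sample is indistinguishable from a normal cache fetch, which is why the first rule, not the path check, is the one that matters for this bug.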

---

## Affected Versions

- Gradio versions prior to 4.13.0

```
/passwd HTTP/1.1
Host: target
```

to retrieve the contents.

---

## Security Impact

Successful exploitation may allow an attacker to read sensitive files including:

- `/etc/passwd`
- Private SSH keys
- Environment files (`.env`)
- API tokens
- Cloud credentials
- Application configuration files
- Database credentials
- Source code
- Authentication secrets

The impact depends on the privileges of the Gradio application.

---

## Mitigation

To remediate this vulnerability:

- Upgrade Gradio to **4.13.0** or later.
- Avoid exposing Gradio applications directly to the public Internet.
- Require authentication whenever possible.
- Restrict access using a reverse proxy or firewall.
- Run Gradio with the least privileges necessary.
- Avoid storing sensitive credentials in locations accessible to the application process.

---

## References

- CVE: https://nvd.nist.gov/vuln/detail/CVE-2024-1561
- Patch: https://github.com/gradio-app/gradio/pull/6884

---

## Disclaimer

This repository is provided for **educational purposes**, **security research**, and **authorized penetration testing only**. Always obtain explicit permission before testing systems that you do not own or have authorization to assess.