This is a vulnerability which affects anyone using Gradio's share links (i.e. creating a Gradio app and then setting share=True
) with Gradio versions older than 3.13.1. In these older versions of Gradio, a private SSH key is sent to any user that connects to the Gradio machine, which means that a user could access other users' shared Gradio demos. From there, other exploits are possible depending on the level of access/exposure the Gradio app provides.
The problem has been patched. Ideally, users should upgrade to gradio==3.19.1
or later where the FRP solution has been properly tested.
Credit to Greg Sadetsky and Samuel Tremblay-Cossette for alerting the team
{ "nvd_published_at": "2023-02-23T22:15:00Z", "cwe_ids": [ "CWE-798" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-02-23T22:10:19Z" }