CVE-2023-49785
published 2024-03-12


Priority: P189 · critical · 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
ITW exploit · VulnCheck KEV
Exploited in the wild
EPSS: 83.16% (99.6th percentile)
NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using HTTP POST, PUT, and other methods. Attackers can also use this vulnerability to mask their source IP by forwarding malicious traffic intended for other Internet targets through these open proxies. As of time of publication, no patch is available, but other mitigation strategies are available. Users may avoid exposing the application to the public internet or, if exposing the application to the internet, ensure it is an isolated network with no access to any other internal resources.

Affected (3 ranges)

| Vendor         | Product  | Version range | Fixed in |
|----------------|----------|---------------|----------|
| chatgptnextweb | nextchat | <= 2.11.2     | (none)   |
| nextchat       | nextchat | <= 2.11.2     | (none)   |
| nextchat       | nextchat | 0 – 2.11.2    | (none)   |

Detection & IOCs (extracted from sources)

url: /api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23
url: /api/cors/http:%2f%2fnextchat.{{interactsh-url}}%23
path: /api/cors/
shodan-query: "title:NextChat,\"ChatGPT Next Web\""
  • Detect XSS exploitation attempts via the /api/cors endpoint by looking for responses containing 'alert(document.domain)' with a Content-Type of 'text/html'.
  • Detect SSRF exploitation attempts via the /api/cors endpoint by monitoring for outbound DNS callbacks; look for the presence of 'X-Interactsh-Version' in response headers combined with a DNS interactsh protocol hit.
  • The SSRF/XSS payload is delivered via a GET request to /api/cors/ with a data URI or external URL appended, including a base64-encoded script tag for XSS. Monitor HTTP access logs for GET requests to /api/cors/ containing 'data:text' or external URLs.
  • Identify exposed NextChat instances using Shodan by querying for the title 'NextChat' or 'ChatGPT Next Web'; these are potential targets for unauthenticated SSRF/XSS exploitation.
  • The vulnerability allows HTTP POST, PUT, and other methods through the open proxy endpoint, enabling write-access to internal resources. Monitor for non-GET requests to /api/cors/ from external sources.
  • No patch is available as of time of publication. Mitigation is purely network-level: avoid exposing the application to the public internet, or isolate it in a network with no access to internal resources.
  • The vulnerability is unauthenticated and affects NextChat (ChatGPT-Next-Web) versions 2.11.2 and prior, with a critical CVSS score of 9.1 and an EPSS percentile of 99.6%, indicating very high exploitation likelihood.
  • Attackers can abuse the open proxy to mask their source IP by forwarding malicious traffic to arbitrary Internet targets through the vulnerable endpoint.

CVSS provenance

NVD: v3.1 · 9.8 · CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheck: 9.1 · CRITICAL