binary-husky gpt_academic Server-Side Request Forgery Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability has been identified in binary-husky gpt_academic version 3.83. The issue arises in the Markdown_Translate.get_files_from_everything() API, which is accessed through the HotReload(Markdown翻译中) plugin. This vulnerability allows attackers to download files from arbitrary web hosts by simply ensuring the link begins with 'http'. Exploitation of this flaw could lead to unauthorized access to web resources using the credentials of the victim's GPT Academic Gradio Web server.

Impact

Exploitation of this vulnerability allows for unauthorized access to web resources using the credentials of the affected GPT Academic's Gradio Web server.

Reproduction

To reproduce this vulnerability, first upload a file to a web server that can be accessed via a URL. Then, in the GPT Academic Gradio Web UI, select the HotReload(Markdown翻译中) plugin and enter a URL pointing to the uploaded file, ensuring it ends with '.md' to bypass a file type check. Once the plugin processes the request, a link to the downloaded file will appear in the Gradio interface, demonstrating access to the previously protected resource.