- Description
- pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week https://t.co/yvFOUCmI5u #infosec #cybersecurity #AI #ChatGPT https://t.co/3VLj2vg7NK
@johnmcclure00
30 Mar 2025
55 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
over 10k attacks hit a ChatGPT flaw (CVE-2024-27564) in a week—banks are bleeding. veriti says 35% of defenses are junk. pros, this is your wake-up call. dig into the mess: https://t.co/27IyxAVAwV #CyberSecurity #ChatGPT #AI
@DCryptaris86649
26 Mar 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A ChatGPT vulnerability (CVE-2024-27564) is under active exploitation! Over 10,000 attacks in a week have targeted financial & government sectors globally. Misconfigured firewalls leave 35% of firms exposed. Patch systems & secure AI integrations now! #CyberSecurity ht
@KryptonAi
23 Mar 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی برای chatGPT آسیب پذیری با کد شناسایی CVE-2024-27564 از نوع SSRF منتشر شده است. بسیاری از سازمان ها از API مربوط به chatGPT استفاده می کنند. برای پیشگیری و مقابله با این تهدید ابتدا به روز رسانی لازم را اعمال نمایید . https://t.co/Poz3aKYxT1 https://t.co/httLArJ0yt
@AmirHossein_sec
22 Mar 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Exploit ChatGPT with CVE-2024-27564, 10k+ Attacks in a Week (UPDATED) https://t.co/d6osSxQ6nY via @HackRead
@newsoft53759560
22 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-27564 is a server-side request forgery (SSRF) found in pictureproxy.php of ChatGPT. The vulnerability "allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter," according to the listing. https://t.co/CKqEM4
@EyeofhorusC
21 Mar 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A newly discovered ChatGPT security flaw (CVE-2024-27564) is being actively exploited, with over 10,000 attack attempts recorded in just one week. Read more on the latest #ChatGPT developments & what this means for your security strategy via @DarkReading: https://t.co/XyP3r3
@secloretech
21 Mar 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای chatGPT آسیب پذیری با کد شناسایی CVE-2024-27564 از نوع SSRF منتشرشده. بسیاری ازسازمان هاازAPIمربوط به chatGPT استفاده می کنندبرای پیشگیری و مقابله با این تهدید ابتدا به روز رسانی لازم را اعمال نمایید سپس رول های مربوط به WAF و IPS و firewall شبکه را به روز رسانی نمایید.
@cybernetic_cy
21 Mar 2025
129 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2024-27564: The Evolution of an AI Security Threat Recent findings reveal how quickly the exploitation risk can escalate, even for medium-severity vulnerabilities targeting AI technologies. Although the official CVE record assigns a CVSS score of 5.8 to CVE-2024-27564, htt
@zjersain
20 Mar 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Attackers are exploiting an SSRF flaw (CVE-2024-27564) in a ChatGPT-linked tool targeting US gov & financial orgs. Patch promptly, review configs, & monitor closely!
@VIRTUSCYBER
20 Mar 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
慢雾:黑客正利用ChatGPT中的SSRF漏洞攻击美国的金融和政府组织 慢雾科技首席信息安全官23pds在X平台发文称,黑客正在利用ChatGPT中的服务器端请求伪造 (SSRF) 漏洞(CVE-2024-27564)攻击美国的金融和政府组织。 👉 https://t.co/OXBYyIYMQa #网络安全 #黑客攻击 #CVE漏洞 https://t.co/bg8qYKCIpw
@HashNewsHK
19 Mar 2025
85 Impressions
0 Retweets
27 Likes
0 Bookmarks
0 Replies
0 Quotes
👾Daily IOC⚠️ IPs that are currently exploiting CVE-2024-27564 in 𝗖𝗵𝗮𝘁𝗚𝗽𝘁 📌31.56.56[.]156 📌38.60.191[.]7 📌94.156.177[.]106 📌159.192.123[.]190 📌119.82.255[.]34 📌103.251.223[.]127 📌104.143.229[.]115 https://t.co/OXwY3d9qVT
@CSec88
19 Mar 2025
43 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
ChatGPT’s CVE-2024-27564 flaw let attackers hit 10k+ times in a week, exposing banks & more. AI’s not invincible our lazy setups are the real culprit. Time to toughen up, from firewalls to phones. You buying the hype or fixing the cracks?
@DCryptaris86649
19 Mar 2025
17 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
3月19日消息,慢雾科技首席信息安全官23pds在X平台发文称,黑客正在利用ChatGPT中的服务器端请求伪造 (SSRF) 漏洞(CVE-2024-27564)攻击美国的金融和政府组织。
@yydsxxk
19 Mar 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenAI's ChatGPT is facing a serious threat with over 10K attack attempts from a single IP exploiting the CVE-2024-27564 vulnerability. Financial and government sectors are at high risk. 🛡️ #OpenAI #CyberThreat #USA link: https://t.co/xjXDslY7B7 https://t.co/CqcDTq8uIO
@TweetThreatNews
19 Mar 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2024-27564 SSRF vulnerability in OpenAI’s ChatGPT infrastructure is being actively exploited, with over 10K attack attempts detected! Financial & gov institutions are prime targets. Check your IPS/WAF/firewalls! Breaking news from the world &… https://t.co/ZF7G3lwj
@godeepweb
18 Mar 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Caution: Active exploitation of a vulnerability within “OpenAI’s ChatGPT infrastructure" has been spotted 🚨 @VeritiSecurity uncovered the CVE-2024-27564. Read more in this @SecurityWeek article! #cybersecurity #chatgpt https://t.co/a6DomdZncS
@_BeyondTrending
18 Mar 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ChatGPTのSSRF脆弱性(CVE-2024-27564)が金融機関や米政府機関を狙う攻撃に悪用されているとVeritiが報告。認証不要で悪意あるURLを挿入し、不正リクエストを実行可能。特に米国の政府・金融機関や、ドイツ、タイ、インドネシアなどの企業が標的に。 https://t.co/GVfalyqVCR
@yousukezan
18 Mar 2025
793 Impressions
3 Retweets
6 Likes
4 Bookmarks
0 Replies
0 Quotes
CVE-2024-27564: Attackers Exploit OpenAI Vulnerability in the Wild https://t.co/sItq21UGOS
@matarturo
18 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-27564: Attackers Exploit OpenAI Vulnerability in the Wild https://t.co/f4YmFqdKtT
@Dinosn
18 Mar 2025
3556 Impressions
16 Retweets
42 Likes
11 Bookmarks
0 Replies
0 Quotes
Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week https://t.co/d6osSxQ6nY via @HackRead
@newsoft53759560
18 Mar 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: ChatGPT SSRF Exploitation 📅 Date: 2025-03-17 📍 Location: Global (notably United States, Germany, Thailand) 📌 Attribution: Veriti 📝 Summary: Cybersecurity firm Veriti reported active exploitation of CVE-2024-27564, a Server-Side Request Forgery (SSRF)… https:
@syedaquib77
18 Mar 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-27564
@transilienceai
15 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dirk1983:chatgpt:2023-05-23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5317B8B1-AEDD-4F2B-8345-3A4BCF6F07B1"
}
],
"operator": "OR"
}
]
}
]