all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ChatGPT-Next-Web SSRF Bug Let Hackers Gain Full Access to HTTP Endpoints

Add to bookmarks
March 13, 2024, 5:06 a.m. | Balaji

GBHackers On Security gbhackers.com

There are advantages to using standalone AI chatbots over cloud-based alternatives such as OpenAI; however, there are also some security risks. Research shows NextChat, a popular standalone chatbot with over 7500 exposed instances, is vulnerable to a critical SSRF vulnerability (CVE-2023-49785) that allows attackers to access internal systems and data potentially. The vulnerability was reported […]


The post ChatGPT-Next-Web SSRF Bug Let Hackers Gain Full Access to HTTP Endpoints appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

access ai chatbots alternatives attackers bug chatbot chatbots chatgpt cloud cloud-based computer security critical cve cyber-attack cyber security endpoints exposed hackers http internal next openai popular research risks security security risks ssrf ssrf vulnerability systems vulnerability vulnerable web

Visit resource

More from gbhackers.com / GBHackers On Security

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 16 hours ago | gbhackers.com
applications attacks botnets commercial +16
LilacSquid Hackers Attacking IT Industries To Harvest Confidential Data 1 day, 16 hours ago | gbhackers.com
access advanced persistent threat can cisco +29
FlyingYeti Exploits WinRAR Vulnerability For Targeted Malware Attacks 1 day, 17 hours ago | gbhackers.com
actor attacks cve cybersecurity threats +23
Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware 1 day, 17 hours ago | gbhackers.com
attackers changing commands cracked +23
DDoS-as-a-Service Botnet Backed by Mirai Attacking Gaming Community 1 day, 17 hours ago | gbhackers.com
as-a-service attacks botnet botnets +19
Hackers Exploiting Stored XSS Vulnerabilities in WordPress Plugins 1 day, 18 hours ago | gbhackers.com
attackers cross-site cve cve-2023-40000 +25
VirusTotal Celebrates 20th Anniversary, What’s Next? 1 day, 21 hours ago | gbhackers.com
20th anniversary anniversary cyber security cybersecurity +16
Beware of Fake Browser Updates That Deliver Bitrat & Lumma Stealer 1 day, 22 hours ago | gbhackers.com
attackers breaches browser campaign +24
Progress Telerik Report Server Flaw Let Attackers Bypass Authentication 2 days, 17 hours ago | gbhackers.com
attackers authentication authentication bypass bypass +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com