[Security Issue]: Open Redirect Vulnerability in Stable Diffusion WebUI via Gradio (CVE-2024-4940) #16715

Open
5 of 6 tasks
2024-scable opened this issue Dec 11, 2024 · 1 comment
Labels
bug-report Report of a bug, yet to be confirmed

Comments

@2024-scable

2024-scable commented Dec 11, 2024

Checklist

  • The issue exists after disabling all extensions
  • The issue exists on a clean installation of webui
  • The issue is caused by an extension, but I believe it is caused by a bug in the webui
  • The issue exists in the current version of the webui
  • The issue has not been reported before recently
  • The issue has been reported before but has not been fixed yet

What happened?

An Open Redirect vulnerability was discovered in Stable Diffusion WebUI due to improper validation of the file parameter in Gradio. This vulnerability, tracked as CVE-2024-4940, affects Gradio versions 4.36.1 and below. It allows attackers to redirect users to attacker-controlled websites by crafting malicious URLs.

CVE-2024-4940 details: https://nvd.nist.gov/vuln/detail/CVE-2024-4940

The issue arises due to improper handling of user-supplied input in URL processing. When a malicious URL is supplied, the application redirects users to an unintended external location without validation.

Steps to reproduce the problem

  1. Launch Stable Diffusion WebUI in a local environment (e.g., http://127.0.0.1:7860).

  2. Use a crafted URL to supply an external URL to the file parameter:

     http://127.0.0.1:7860/file=https://google.com

  3. Observe that the browser redirects the user to https://google.com without proper validation of the input.

What should have happened?

Stable-Diffusion WebUI currently utilizes Gradio version 3.41.2, which is outdated and vulnerable to known security issues, including CVE-2024-4940. To address these vulnerabilities, it is recommended to update Gradio to version 4.37.1 or later.

  1. Upgrade Gradio

     • Update Gradio to version 4.37.1 or later, where this vulnerability has been addressed.

       pip install "gradio>=4.37.1"

  2. Add Input Validation

     • Enhance input validation in the create_prompts function to check if the file parameter contains a valid file path. Reject or sanitize external URLs.

What browsers do you use to access the UI ?

No response

Sysinfo

Vulnerable Code Location

  • File: /modules/ui_toprow.py
  • Function: create_prompts

```python
import gradio as gr

# Method excerpt from modules/ui_toprow.py as quoted in the report (not the whole class).
def create_prompts(self):
    with gr.Column(elem_id=f"{self.id_part}_prompt_container", elem_classes=["prompt-container-compact"] if self.is_compact else [], scale=6):
        with gr.Row(elem_id=f"{self.id_part}_prompt_row", elem_classes=["prompt-row"]):
            self.prompt = gr.Textbox(label="Prompt", elem_id=f"{self.id_part}_prompt", show_label=False, lines=3, placeholder="Prompt\n(Press Ctrl+Enter to generate, Alt+Enter to skip, Esc to interrupt)", elem_classes=["prompt"])
            # gr.File is the component the report points at; it is hidden and accepts a single file.
            self.prompt_img = gr.File(label="", elem_id=f"{self.id_part}_prompt_image", file_count="single", type="binary", visible=False)
```

The create_prompts function processes user input for text or file-based prompts. However, the gr.File() component does not properly validate inputs, allowing URLs to be treated as file paths. This leads to unintended redirections.

Console logs

- Application launched at: http://127.0.0.1:7860
- Received crafted request: `/file=https://google.com`
- Redirecting user to: `https://google.com`

Additional information

No response
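As an added illustration of the input check the report recommends under "Add Input Validation" (example code, not Stable Diffusion WebUI or Gradio code; upgrading Gradio remains the actual fix): the function below refuses anything that parses as a URL, including percent-encoded and protocol-relative forms, and confines local paths to an allowed directory. The function name, the `/srv/webui/outputs` root and the sample values are assumptions.

```python
from pathlib import Path
from urllib.parse import unquote, urlsplit

# Hypothetical server-side check for the `file=` route parameter (added example,
# not Stable Diffusion WebUI or Gradio code). It returns (allowed, detail) so the
# caller can refuse the request instead of redirecting.
URL_REJECTED = "url rejected"
OUTSIDE_ROOT = "outside allowed root"


def validate_file_param(value: str, allowed_root: str) -> tuple:
    """Allow only relative paths that resolve inside allowed_root."""
    if not value:
        return False, "empty value"
    # Decode once so percent-encoded forms (https%3A%2F%2F...) are seen as URLs.
    decoded = unquote(value)
    # The report turns on the route accepting "https://google.com": anything with a
    # scheme or a network location (including protocol-relative "//host") is refused.
    parts = urlsplit(decoded)
    if parts.scheme or parts.netloc:
        return False, URL_REJECTED
    # Backslashes are refused too; some intermediaries normalise them to "/",
    # which would turn "\\host" into a protocol-relative URL after this check.
    if "\\" in decoded:
        return False, URL_REJECTED
    root = Path(allowed_root).resolve()
    candidate = (root / decoded).resolve()  # an absolute path replaces root here
    try:
        candidate.relative_to(root)  # raises ValueError for "../" escapes
    except ValueError:
        return False, OUTSIDE_ROOT
    return True, str(candidate)


# Constructed sample values (not captured traffic) for a quick triage run.
SAMPLE_VALUES = [
    "https://google.com",
    "//google.com",
    "https%3A%2F%2Fgoogle.com",
    "../secrets.txt",
    "grids/a.png",
]


def triage_samples(allowed_root: str = "/srv/webui/outputs") -> dict:
    """Map each sample value to its (allowed, detail) decision."""
    return {v: validate_file_param(v, allowed_root) for v in SAMPLE_VALUES}


if __name__ == "__main__":
    for value, decision in triage_samples().items():
        print(f"{value!r}: {decision}")
```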

2024-scable added the bug-report label Dec 11, 2024
@BigMeatyClaws

Wow. Nasty. Relatively low-impact with a reasonably secure setup, but still.
