Key Information Summary

Vulnerability Overview
Vulnerability Name: Gradio CORS Origin Validation Bypass
Vulnerability Description: Gradio's CORS configuration contains a flaw that allows malicious attackers to bypass CORS origin validation, enabling them to steal sensitive data from internally deployed Gradio applications.

Affected Versions
Affected Versions: Gradio <= 5.6.0

Impact
Risk: This vulnerability may lead to unauthorized access to sensitive data within internal applications, especially when Gradio is used to handle sensitive data or host secure applications.

Root Cause
Cause: Gradio uses the method to determine the validity of incoming cross-origin requests. This method blocks cross-origin requests by comparing the request's header with predefined . However, there are two main issues:
1. Localhost Identification: If the header matches but the header does not, Gradio blocks the cross-origin request.
2. Trust in Non-Local Applications: If the application is considered public (i.e., does not match ), Gradio allows all cross-origin requests without validating the origin.

Exploitation Method
Exploitation Techniques:
1. IPv6 Address Exploitation: Sending requests to can bypass origin checks, as IPv6 addresses mapped to localhost are not considered in .
2. Public Domain Resolving to Localhost: Using public domains that resolve to localhost (e.g., ) can bypass the validation logic and trigger unauthorized cross-origin requests.

Proof of Concept (PoC)
Steps:
- Deploy a demo Gradio application.
- Deploy the exploitation payload from a different origin.
- Trigger the attack.

Recommended Mitigation Measures
1. Enhance Origin Validation: Support validation of public domains that resolve to internal networks.
2. Restrict CORS Policy for Public Deployments: Enforce restrictive CORS rules for Gradio applications exposed publicly.
3. Update Gradio Documentation: Clearly document the risks associated with the current CORS configuration and provide secure deployment guidelines.
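The following is an added illustration of mitigation measures 1 and 2 above; it is hypothetical example code, not Gradio's own origin check. It classifies the request's Host and the Origin header by the addresses they literally are or resolve to (so IPv6 loopback, IPv4-mapped IPv6 and public names pointing at localhost all count as internal), and it refuses to trust arbitrary origins on public deployments. The function names (host_is_internal, origin_allowed) and the injectable resolver are assumptions for the example.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]


def dns_resolve(host: str) -> List[str]:
    """Resolve a name to all its A/AAAA addresses; empty list on failure."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def host_is_internal(host: str, resolver: Resolver = dns_resolve) -> bool:
    """True if host is, or resolves to, a loopback/private/link-local address.
    Hypothetical helper: covers ::1, ::ffff:127.0.0.1 and names that resolve
    to localhost, which a plain string match against a localhost list misses."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        candidates = [ipaddress.ip_address(host)]  # literal address
    except ValueError:  # a hostname: classify by what DNS says it points at
        candidates = []
        for addr in resolver(host):
            try:
                candidates.append(ipaddress.ip_address(addr))
            except ValueError:
                continue
    for ip in candidates:
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped  # treat ::ffff:a.b.c.d as a.b.c.d
        if ip.is_loopback or ip.is_private or ip.is_link_local:
            return True
    return False


def origin_allowed(host_header: str, origin_header, allowed_origins: Iterable[str] = (),
                   resolver: Resolver = dns_resolve) -> bool:
    """Policy: an explicit allowlist always wins; an app reached through an
    internal host only serves origins that are themselves internal; a public
    deployment serves allowlisted origins only, never every origin."""
    if origin_header is None:
        return True  # no Origin header: not a cross-origin browser request
    origin_host = urlsplit(origin_header).hostname
    request_host = urlsplit("//" + host_header).hostname  # strips port/brackets
    if not origin_host or not request_host:
        return False  # e.g. "Origin: null" or an unparseable Host header
    if origin_header.lower() in {o.lower() for o in allowed_origins}:
        return True
    if host_is_internal(request_host, resolver):
        return host_is_internal(origin_host, resolver)
    return False
```

Passing a resolver is what makes the check testable offline; in production the default dns_resolve is used, and the same resolution step is what turns "public domain resolving to localhost" from a bypass into an internal-host classification.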