Key Information Summary

Vulnerability Overview
Vulnerability Name: Gradio CORS Origin Validation Bypass
Vulnerability Description: Gradio's CORS configuration is designed to protect internally deployed applications from attacks originating from external sources, such as CSRF and data leakage. However, the current implementation contains a flaw that allows malicious users to bypass CORS origin validation.

Affected Versions
Affected Versions: Gradio <= 5.6.0

Impact
Risk: This vulnerability may lead to unauthorized access to sensitive data within internal applications, posing a significant risk when Gradio is used to handle sensitive data or host secure applications.

Root Cause
Mechanism: Gradio uses the method to determine the validity of incoming cross-origin requests, comparing the request's header with predefined to block cross-origin requests.

Defects in Validation Mechanism
1. Localhost Identification: If the header matches but the header does not, Gradio blocks the cross-origin request.
2. Trust in Non-Local Applications: When an application is considered public (i.e., does not match ), Gradio permits all cross-origin requests without validating the origin.

Exploitation Method
IPv6 Address Exploitation: Sending requests to can bypass origin checks.
Public Domain Resolving to Localhost: Using public domains that resolve to localhost (e.g., ) can circumvent the validation logic.

Proof of Concept (PoC)
Steps: Deploy a demonstration Gradio application, deploy the exploitation payload, and trigger the attack.
Result: Successfully bypass Gradio's CORS restrictions, enabling cross-origin requests to access data in internal environments.

Recommended Mitigations
1. Enhance Origin Validation: Support validation of public domains that resolve to internal networks.
2. Restrict CORS Policy for Public Deployments: Enforce restrictive CORS policies for Gradio applications exposed publicly.
3. Update Gradio Documentation: Clearly document the risks associated with the current CORS configuration and provide secure deployment guidelines.
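The two validation defects and the first two mitigations above can be made concrete with a small model of the check. The code below is an added illustration written for this summary; it is not Gradio's code, and the names, the assumed localhost list, and the assumption that the two compared headers are Host and Origin are all this example's own. The "naive" functions reproduce the described trust model (a host-string comparison that mis-parses bracketed IPv6 literals, and "public means allow everything"); the "hardened" functions classify the deployment by resolving the Host name (mitigation 1) and decide cross-origin access only by same-origin or an explicit allowlist, for internal and public deployments alike (mitigation 2). The resolver is injectable so the example runs offline with a constructed lookup table.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# ---- Constructed model of the flawed check (hypothetical; not Gradio's code) ----

NAIVE_LOCALHOST = {"localhost", "127.0.0.1"}  # assumed list; the summary elides the real one


def naive_hostname(hostport):
    """Strip the port the naive way: everything before the first ':'.
    A bracketed IPv6 literal such as '[::1]:7860' becomes '[' and never matches."""
    return hostport.split(":")[0]


def naive_is_local(hostport):
    return naive_hostname(hostport) in NAIVE_LOCALHOST


def naive_allow(host_header, origin_header):
    """Weak policy: an app recognised as local rejects origins outside the list;
    anything not recognised as local is treated as public and allows every origin."""
    origin_host = urlsplit(origin_header).netloc
    if naive_is_local(host_header):
        return naive_is_local(origin_host)
    return True


# ---- Hardened classification and allowlist policy --------------------------------

def hostname_of(hostport):
    """Parse 'host[:port]' with urlsplit so IPv6 literals ('[::1]:7860') are handled."""
    return (urlsplit("//" + hostport).hostname or "").lower()


def is_internal_address(addr):
    """Loopback or private (RFC 1918 / ULA) address literal."""
    try:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop an IPv6 zone id if present
    except ValueError:
        return False
    return ip.is_loopback or ip.is_private


def app_is_internal(host_header, resolver=socket.getaddrinfo):
    """True if the app is reached via localhost, an internal IP literal (v4 or v6),
    or a DNS name that resolves to an internal address (mitigation 1)."""
    host = hostname_of(host_header)
    if host == "localhost" or is_internal_address(host):
        return True
    try:
        infos = resolver(host, None)
    except OSError:
        return False
    return any(is_internal_address(info[4][0]) for info in infos)


def normalize_origin(origin):
    """Canonical 'scheme://host:port' form, or None for unparsable/opaque origins ('null')."""
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    port = parts.port or (443 if parts.scheme == "https" else 80)
    host = parts.hostname.lower()
    if ":" in host:  # re-bracket IPv6 literals
        host = f"[{host}]"
    return f"{parts.scheme}://{host}:{port}"


def hardened_allow(host_header, origin_header, allowed_origins, scheme="http"):
    """Allowlist policy (mitigation 2): permit the request's own origin or an explicitly
    configured origin. Internal and public deployments get the same rule; nothing is
    allowed by default, so a misclassified deployment no longer opens every origin."""
    if not origin_header:
        return True  # no Origin header: not a cross-origin browser request
    origin = normalize_origin(origin_header)
    if origin is None:
        return False
    if origin == normalize_origin(f"{scheme}://{host_header}"):
        return True
    return origin in {normalize_origin(o) for o in allowed_origins}


def constructed_resolver(host, port):
    """Offline stand-in for socket.getaddrinfo with a constructed lookup table."""
    table = {"internal-app.example": "127.0.0.1", "public-app.example": "8.8.8.8"}
    if host not in table:
        raise OSError("constructed resolver: unknown host")
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (table[host], 0))]


if __name__ == "__main__":
    # An IPv6 loopback Host is misparsed by the naive check, so the app is treated as
    # public and a foreign origin is accepted; the hardened policy denies it.
    print(naive_is_local("[::1]:7860"), naive_allow("[::1]:7860", "http://foreign.example"))
    print(app_is_internal("[::1]:7860", constructed_resolver))
    print(hardened_allow("[::1]:7860", "http://foreign.example", []))
```

`naive_allow` returns True for a foreign origin whenever the Host header is anything outside the assumed list, which is exactly the "trust in non-local applications" defect; `app_is_internal` fixes the classification (IPv6 literals and names resolving to loopback), but the decision that matters is `hardened_allow`, which never derives trust from how the app was addressed.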