CVE-2025-51868 PoC — Dippy 安全漏洞

Source

https://github.com/Secsys-FDU/CVE-2025-51868

Associated Vulnerability

Title:Dippy 安全漏洞 (CVE-2025-51868)
Description:Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows attackers to gain sensitive information via the conversation_id parameter to the conversation_history endpoint.

Readme

# CVE-2025-51868
## Vulnerability description

   Dippyis a popular website to chat with millions of proactive AI characters. Dippy allows users to chat with characters based on LLM, which is vulnerable to Insecure Direct Object Reference (IDOR) in its chat component. An attacker can exploit this IDOR to tamper other users' conversation.

## Attack Vectors

   Conversation histories for all users are stored on the server. However, Dippy's server does not distinguish the ownership or sharing status of individual conversation histories. Consequently, an attacker can access other users' conversation histories by brute-forcing the conversation IDs.

   The conversation ID format is predictable and susceptible to brute-force attacks. It consists of an 8-character string. This string is composed of digits (e.g., `12345678`). When an attacker request this url with attacker's Authorization and GET method, he can then check the conversation history in POC.

   ![Figure 1 POC IDOR](./figure1.png)

## Vulnerability affected

   This vulnerability can have an impact on any user of https://chat.dippy.ai. The Chat history of user will be maliciously modified with leaked conversation_id.

File Snapshot


 [4.0K]  /data/pocs/4ef55a6346ee6fb00aa21566161df6fa7cdc3b06
├── [355K]  figure1.png
└── [1.2K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!