Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025
Remote Code Execution in binary-husky/gpt_academic
CVE-2024-12390
Description
A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Python rarfile module, which supports symlinks, can be exploited to perform arbitrary file writes. This can lead to remote code execution by writing to sensitive files such as SSH keys, crontab files, or the application's own code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = git commit 310122f
- binary-husky/binary-husky/gpt_academicv5Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.