OpenAI’s ChatGPT application programming interface (API) has a flaw that can be exploited to launch a distributed denial of service (DDoS) attack on websites, per information shared by a cybersecurity researcher. The chatbot can allegedly be utilized to send thousands of network requests to a website using the ChatGPT crawler. The researcher asserts that the flaw, which has been rated with high severity, remains active and there has been no response from the company regarding when the problem will be addressed.
ChatGPT API Permits Numerous Simultaneous Network Requests to Identical Website
In a GitHub post shared earlier this month, Germany-based security researcher Benjamin Flesch elaborated on the vulnerability present within the ChatGPT API. The researcher also shared code for a proof of concept that dispatches 50 parallel HTTP requests to a test website, demonstrating how the bug can be exploited to instigate a DDoS attack.
According to Flesch, the vulnerability arises during the processing of HTTP POST requests to https://chatgpt.com/backend-api/attributions. POST is a method for transmitting data to a server, commonly used by API endpoints to create new resources. When handling this request, the ChatGPT API expects a list of hyperlinks in the URL parameter.
In what seems to be a defect in its API, OpenAI does not verify if a hyperlink to the same resource is listed multiple times, according to the researcher. Since hyperlinks to a website can be formatted in various ways, this leads to the crawler issuing multiple parallel network requests to the same website. Furthermore, Flesch claims that OpenAI does not impose a limit on the maximum number of hyperlinks that may be included in the URL parameter and transmitted in a single request.
Consequently, a malicious individual could potentially direct thousands of requests at a website, which might rapidly overwhelm its server. The security researcher assigned the vulnerability a high-severity CVSS rating of 8.6 because it is network-based, has low attack complexity, and requires no privileges or user interaction, yet can significantly impact availability.
Flesch stated that, after identifying the bug in January, he attempted several times and through various channels to contact both OpenAI and Microsoft (whose servers host the ChatGPT API) regarding the vulnerability. He claimed to have reported it to the OpenAI security team, to OpenAI personnel via reports, to the OpenAI data privacy officer, and to Microsoft's security and Azure network operations teams.
Despite these repeated reports, the researcher stated that the issue remains unresolved and that the AI firm has not acknowledged its existence. Gadgets 360 staff members were unable to confirm the existence of the bug on the chatbot.