GHSA-7C78-RM87-5673

Vulnerability from github – Published: 2025-07-31 14:04 – Updated: 2025-10-23 17:42
VLAI
Summary
MS SWIFT WEB-UI RCE Vulnerability
Details

I. Detailed Description:

This includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.

  1. Install ms-swift pip install ms-swift -U

  2. Start web-ui swift web-ui --lang en

  3. After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program

  4. Fill in necessary parameters In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture

  5. Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir

You can see the concatenated command being executed in the terminal where web-ui was started

  1. Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files

II. Vulnerability Proof (Write POC here):

/tmp/xxx'; touch /tmp/inject_success_1; #

III. Fix Solution: 1. The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend 2. The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format

Author

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ms-swift"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.7.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-41419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-31T14:04:24Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "**I. Detailed Description:** \n\nThis includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.\n\n1. Install ms-swift\n   ```\n   pip install ms-swift -U\n   ```\n\n2. Start web-ui\n   ```\n   swift web-ui --lang en\n   ```\n\n3. After startup, access through browser at [http://localhost:7860/](http://localhost:7860/) to see the launched fine-tuning framework program\n\n4. Fill in necessary parameters\n   In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture\n\n5. Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir\n\n   You can see the concatenated command being executed in the terminal where web-ui was started\n\n6. Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files\n\n**II. Vulnerability Proof (Write POC here):**\n```\n/tmp/xxx\u0027; touch /tmp/inject_success_1; #\n```\n\n**III. Fix Solution:**\n1. The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend\n2. The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format\n\n## Author\n\n* Discovered by: [TencentAISec](https://github.com/TencentAISec)\n* Contact: *[security@tencent.com](mailto:security@tencent.com)*",
  "id": "GHSA-7c78-rm87-5673",
  "modified": "2025-10-23T17:42:54Z",
  "published": "2025-07-31T14:04:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/security/advisories/GHSA-7c78-rm87-5673"
    },
    {
      "type": "WEB",
      "url": "https://github.com/modelscope/ms-swift/commit/32f09e9b0a44f19d44210e2b5b47c58ab01740e1"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/modelscope/ms-swift"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "MS SWIFT WEB-UI RCE Vulnerability"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…