MS SWIFT WEB-UI RCE Vulnerability
Description
I. Detailed Description:
This includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.
1. Install ms-swift `` pip install ms-swift -U ``
2. Start web-ui `` swift web-ui --lang en ``
- After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program
4. Fill in necessary parameters In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture
- Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir
You can see the concatenated command being executed in the terminal where web-ui was started
- Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files
II. Vulnerability Proof (Write POC here): `` /tmp/xxx'; touch /tmp/inject_success_1; # ``
III. Fix Solution: 1. The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend 2. The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format
Author
- Discovered by: TencentAISec
- Contact: *security@tencent.com*
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ms-swiftPyPI | < 3.7.0 | 3.7.0 |
Affected products
2- Range: < 3.7.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.