GHSA-7c78-rm87-5673

Source

https://github.com/advisories/GHSA-7c78-rm87-5673

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-7c78-rm87-5673/GHSA-7c78-rm87-5673.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-7c78-rm87-5673

Aliases

CVE-2025-41419

Published

2025-07-31T14:04:24Z

Modified

2025-10-23T18:12:45.043871Z

Severity

5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator

Summary

MS SWIFT WEB-UI RCE Vulnerability

Details

I. Detailed Description:

This includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please provide test accounts. If the reproduction process is complex, you may record a video, upload it to Taopan, and attach the link.

Install ms-swift
```
pip install ms-swift -U
```
Start web-ui
```
swift web-ui --lang en
```
After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program
Fill in necessary parameters In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture
Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir

You can see the concatenated command being executed in the terminal where web-ui was started
Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files

II. Vulnerability Proof (Write POC here):

/tmp/xxx'; touch /tmp/inject_success_1; #

III. Fix Solution: 1. The swift.ui.llmtrain.llmtrain.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend 2. The swift.ui.llmtrain.llmtrain.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format

Author

Discovered by: TencentAISec
Contact: security@tencent.com

Database specific

{
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-31T14:04:24Z",
    "severity": "MODERATE",
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-117"
    ]
}

References

Affected packages

PyPI / ms-swift

Package

Name: ms-swift; View open source insights on deps.dev
Purl: pkg:pypi/ms-swift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.7.0

Affected versions

1.*

1.0.0

1.1.0

1.2.0

1.2.1

1.3.0

1.4.0

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.6.0

1.6.1

1.6.2

1.6.3

1.7.0

1.7.1

1.7.2

1.7.3

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.3.post1

2.0.4

2.0.5

2.0.5.post1

2.1.0

2.1.1

2.1.1.post1

2.1.1.post2

2.2.0

2.2.1

2.2.2

2.2.3

2.2.4

2.2.5

2.3.0

2.3.0.post1

2.3.1

2.3.2

2.3.2.post1

2.4.0

2.4.0.post1

2.4.1

2.4.2

2.4.2.post1

2.4.2.post2

2.5.0.post1

2.5.1

2.5.1.post1

2.5.2

2.5.2.post1

2.6.0

2.6.0.post1

2.6.0.post2

2.6.1

3.*

3.0.0

3.0.1

3.0.1.post1

3.0.2

3.0.2.post1

3.0.3

3.1.0

3.1.1

3.1.1.post1

3.2.0

3.2.0.post2

3.2.1

3.2.2

3.3.0

3.3.0.post1

3.3.1

3.4.0

3.4.1

3.4.1.post1

3.5.0

3.5.1

3.5.2

3.5.3

3.6.0

3.6.1

3.6.2

3.6.3

3.6.4

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-7c78-rm87-5673/GHSA-7c78-rm87-5673.json"