CVE-2025-41419
I. Detailed Description:
-
Install ms-swift
pip install ms-swift -U -
Start web-ui
swift web-ui --lang en -
After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program
-
Fill in necessary parameters In the LLM Training interface, fill in required parameters including Model id, Dataset Code. The --output_dir can be filled arbitrarily as it will be modified later through packet capture
-
Click Begin to start training. Capture packets and modify the parameter corresponding to --output_dir
You can see the concatenated command being executed in the terminal where web-ui was started
-
Wait for the program to run (testing shows it requires at least 5 minutes), and you can observe the effect of command execution creating files
II. Vulnerability Proof:
/tmp/xxx'; touch /tmp/inject_success_1; #
III. Fix Solution:
- The swift.ui.llm_train.llm_train.LLMTrain#train() method should not directly concatenate parameters with commands after receiving commands from the frontend
- The swift.ui.llm_train.llm_train.LLMTrain#train_local() method should not use os.system for execution, but should be changed to subprocess.run([cmd, arg1, arg2...]) format
Author
- Discovered by: TencentAISec
- Contact: security@tencent.com
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime