oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of oobabooga text-generation-webui. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the trust_remote_code parameter provided to the join endpoint. The issue results from the lack of proper validation of a user-supplied argument before using it to load a model. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26681.
The vulnerability lies in the handling of the trust_remote_code parameter passed to the join endpoint. The application does not properly validate the value supplied by the user before using it to load a model. An attacker can submit a crafted parameter, forcing the loading of malicious code in the context of the service account under which the service runs.
An attacker can execute arbitrary code in the context of the service account, which may lead to complete system compromise, data breach, or further lateral movement in the network.
Update oobabooga text-generation-webui to a version containing the patch introduced by commit b5a6904c4ac4049823396090360b6f566f4e4603. Details available in vendor references and ZDI-25-982 advisory.
Installations of oobabooga text-generation-webui — specific versions indicated in vendor references (commit b5a6904c4ac4049823396090360b6f566f4e4603 on GitHub).
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H