Platform
python
Component
text-generation-webui
Fixed in
4.3.1
CVE-2026-35485 is a path traversal vulnerability in text-generation-webui, an open-source web interface for Large Language Models. It allows an attacker to read arbitrary files on the server, potentially exposing sensitive data such as configuration files, credentials or source code. Versions prior to 4.3 are affected; the issue is resolved in version 4.3.0.
The impact is significant because exploitation requires no authentication and the data exposure can be broad. The root cause is missing server-side validation of dropdown values in the Gradio backend: the UI offers a fixed list of choices, but nothing prevents a client from submitting an arbitrary value, such as a directory traversal payload like ../../../etc/passwd, in its place via a crafted API request. Successful exploitation lets the attacker read any file the web server process can read, including configuration files, private keys and source code, which can lead to further compromise of the system and its data. Because the server trusts the submitted value as-is, the attack is straightforward to execute.
CVE-2026-35485 was publicly disclosed on 2026-04-07. No public proof-of-concept exploit is known at the time of writing, but the low exploitation complexity makes it a likely target for opportunistic attackers. The vulnerability is not currently listed in the CISA KEV catalog. Since no authentication is required, it should be treated as a high-priority fix.
Organizations and individuals deploying text-generation-webui, particularly those running versions prior to 4.3.0 in production, are at risk. Shared hosting environments where multiple users share the same server are especially exposed, as an attacker could use the flaw to read files belonging to other users on the same host.
• python / server:
import requests

# Endpoints below are those used by the original check script; verify them against your deployment.
BASE = 'http://localhost:7860'
FIXED = (4, 3, 0)

def parse_version(text):
    # '4.2.1' -> (4, 2, 1); '4.3' -> (4, 3, 0). Non-numeric trailing parts are dropped.
    parts = []
    for part in text.split('.'):
        if not part.isdigit():
            break
        parts.append(int(part))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)

# Check for vulnerable versions: anything before 4.3.0, not only major version < 4
response = requests.get(BASE + '/api/version', timeout=10)
version = response.json().get('version', '')
if version and parse_version(version) < FIXED:
    print('Vulnerable version detected: ' + version)

# Attempt path traversal. Caveat: requests/urllib3 normalise '..' segments in the
# URL path before sending, so the server may receive /etc/passwd rather than the
# traversal sequence; observe the raw request through a proxy if the result is inconclusive.
response = requests.get(BASE + '/api/file/../../../../etc/passwd', timeout=10)
if 'root:x:' in response.text:
    print('Path traversal detected!')
Disclosure
Exploit status
EPSS
0.48% (65th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-35485 is to upgrade text-generation-webui to version 4.3.0 or later. If upgrading is not immediately feasible, a Web Application Firewall (WAF) or reverse proxy can filter requests containing directory traversal sequences (e.g., '../'); treat this as a stopgap only, since encoded variants of the sequence may evade simple pattern rules. Run the service as a dedicated low-privilege user and restrict that user's file access permissions to limit the impact of a successful attack. Regularly review and audit the text-generation-webui configuration against security best practices. After upgrading, confirm the fix by attempting to access a sensitive file via the API; the request should be rejected.
Upgrade to version 4.3.0 or later to mitigate the path traversal vulnerability. The update adds the missing server-side validation of dropdown values, preventing attackers from reading arbitrary files from the file system.
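The root cause described above (a dropdown value trusted by the server as a file name) and the nature of the fix (server-side validation of that value), shown as an added example in Python. This is not code from the text-generation-webui project: the directory layout, file names and the `read_file_vulnerable` / `read_file_safe` functions are constructed here for illustration. The hardened version re-validates the submitted value against the server's own choice list and additionally checks that the resolved path stays inside the base directory, so that an allowlist bug alone cannot reintroduce traversal.

```python
import os
import tempfile
from pathlib import Path
from typing import Dict, List


def list_choices(base_dir: str) -> List[str]:
    """Server-side dropdown choices: names of regular files directly in base_dir."""
    return sorted(p.name for p in Path(base_dir).iterdir() if p.is_file())


def read_file_vulnerable(base_dir: str, choice: str) -> str:
    """Vulnerable pattern (constructed): the dropdown value is trusted because the UI
    only offers names from list_choices(). A crafted request can send '../secret.txt'
    instead, and os.path.join walks straight out of base_dir."""
    path = os.path.join(base_dir, choice)
    with open(path, "r", encoding="utf-8", errors="replace") as f:
        return f.read()


def read_file_safe(base_dir: str, choice: str) -> str:
    """Hardened pattern (constructed): validate on the server, never trust the client."""
    # 1) The submitted value must be one the server itself offered.
    if choice not in list_choices(base_dir):
        raise ValueError(f"value not in allowed choices: {choice!r}")
    # 2) Belt and braces: the resolved target must still live under base_dir.
    base = Path(base_dir).resolve()
    target = (base / choice).resolve()
    if base not in target.parents:
        raise ValueError("resolved path escapes base directory")
    return target.read_text(encoding="utf-8", errors="replace")


def demo() -> Dict[str, object]:
    """Constructed sandbox: a 'models' dir with one legitimate file and a secret outside it."""
    root = Path(tempfile.mkdtemp())
    models = root / "models"
    models.mkdir()
    (models / "model-a.txt").write_text("weights for model-a")
    (root / "secret.txt").write_text("API_KEY=constructed-example")

    traversal = "../secret.txt"
    results: Dict[str, object] = {
        # Vulnerable handler happily returns the file outside models/
        "vulnerable_leaks_secret": read_file_vulnerable(str(models), traversal),
        # Hardened handler still serves a legitimate choice
        "safe_legit": read_file_safe(str(models), "model-a.txt"),
    }
    for key, value in (("safe_blocks_traversal", traversal),
                       ("safe_blocks_absolute", "/etc/hostname")):
        try:
            read_file_safe(str(models), value)
            results[key] = False
        except ValueError:
            results[key] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The allowlist check is the actual fix the advisory describes; the containment check is cheap defence in depth for the case where the choice list is later built from user-influenced input.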
CVE-2026-35485 is a Path Traversal vulnerability in text-generation-webui versions before 4.3, allowing unauthenticated attackers to read any file on the server.
You are affected if you are using text-generation-webui versions prior to 4.3.0. Check your version and upgrade immediately.
Upgrade to text-generation-webui version 4.3.0 or later. Consider WAF rules as a temporary mitigation if upgrading is not possible.
While no active exploitation campaigns have been confirmed, the low exploitation complexity makes it a likely target.
Refer to the text-generation-webui project's repository and release notes for the official advisory and update information.