Platform
python
Component
ray
Fixed in
2.8.1
A path traversal vulnerability has been discovered in the Ray Dashboard, a web-based interface for managing Ray clusters. This flaw, affecting versions prior to 2.8.1, allows attackers to bypass intended access controls and potentially disclose sensitive files on the system. The vulnerability stems from insufficient validation of user-supplied paths within the static file handling mechanism. Upgrading to version 2.8.1 resolves this issue.
The primary impact of this vulnerability is the potential for local file disclosure. An attacker could leverage the path traversal sequences (e.g., ../../) to navigate outside the intended static directory and access arbitrary files on the server hosting the Ray Dashboard. This could include configuration files, source code, or other sensitive data. The blast radius is limited to the server hosting the dashboard and the files accessible from that server. While not directly leading to remote code execution, the disclosed information could be used to further compromise the system or reveal valuable insights into the Ray cluster's configuration and operation.
This vulnerability was publicly disclosed on 2026-03-17. There is no indication of active exploitation campaigns at this time. The vulnerability is not currently listed on CISA KEV. Public proof-of-concept exploits are not widely available, but the nature of path traversal vulnerabilities makes it likely that such exploits will emerge.
Organizations deploying Ray clusters with the Ray Dashboard enabled are at risk, particularly those running versions 0.0 through 2.8.1. Shared hosting environments where multiple users share the same Ray Dashboard instance are especially vulnerable, as an attacker could potentially access files belonging to other users.
• python / server:
import requests

# Replace with the address of the dashboard under test.
url = 'http://your_ray_dashboard_ip:8265/static/../../../../etc/passwd'
response = requests.get(url)
if response.status_code == 200:
    print('Potential Path Traversal Detected: ', response.text[:100])  # Print first 100 chars
else:
    print('No Path Traversal Detected')
• linux / server:
find / -name 'ray_dashboard.conf' -print 2>/dev/null | while read -r file;
do
    grep -q 'path_traversal_bypass' "$file" && echo "Potential Path Traversal Configuration Found: $file";
done
Exploit status
EPSS
0.08% (percentile 24%)
CISA SSVC
CVSS vector
The recommended mitigation is to immediately upgrade the Ray Dashboard to version 2.8.1 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests containing traversal sequences (e.g., ../, ../../). Additionally, restrict access to the Ray Dashboard to trusted networks and users. Regularly review and audit file permissions within the static directory to ensure that only authorized files are accessible. Implement input validation and sanitization on all user-supplied paths to prevent future path traversal vulnerabilities.
Update Ray to version 2.8.1 or later. This fixes the path traversal vulnerability in the Ray dashboard. The update can be performed with the Python package manager (pip).
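The path validation that the mitigation text above calls for, as an added example that is not Ray's own code: a resolver that joins the request path onto the static root the weak way (the pattern behind this bug class) beside one that refuses any request resolving outside that root. STATIC_ROOT is a placeholder, since the page does not name the dashboard's static directory.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Placeholder static root: the page names no path, so this one is assumed.
STATIC_ROOT = "/srv/ray-dashboard/static"


def unsafe_static_path(static_root: str, url_path: str) -> str:
    """The weak pattern behind this class of bug: the decoded request path is
    joined onto the static root and served as-is, so '../' walks out of it."""
    return os.path.normpath(os.path.join(static_root, unquote(url_path).lstrip("/")))


def safe_static_path(static_root: str, url_path: str) -> Optional[str]:
    """Hardened resolver: decode (servers decode percent-escapes before path
    handling), resolve to a real absolute path following symlinks, then require
    that the result is still inside the static root. Returns None when the
    request must be refused, so the caller answers 404 instead of serving it."""
    root = os.path.realpath(static_root)
    candidate = os.path.realpath(os.path.join(root, unquote(url_path).lstrip("/")))
    # commonpath, not startswith: '/srv/static_private' starts with
    # '/srv/static' as a string yet lies outside the root.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def check(url_path: str) -> dict:
    """Run both resolvers on one request path and return their verdicts."""
    return {
        "unsafe": unsafe_static_path(STATIC_ROOT, url_path),
        "safe": safe_static_path(STATIC_ROOT, url_path),
    }


if __name__ == "__main__":
    for req in ("js/app.js", "../../../../etc/passwd", "../static_private/keys.json"):
        verdict = check(req)
        print(f"{req!r:32} unsafe -> {verdict['unsafe']}  safe -> {verdict['safe']}")
```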
CVE-2026-32981 is a path traversal vulnerability in Ray Dashboard versions 0.0 - 2.8.1, allowing attackers to access files outside the intended static directory.
You are affected if you are using Ray Dashboard versions 0.0 through 2.8.1. Upgrade to 2.8.1 or later to mitigate the risk.
The primary fix is to upgrade Ray Dashboard to version 2.8.1 or later. Consider WAF rules as a temporary workaround.
There is currently no evidence of active exploitation, but the vulnerability's nature makes exploitation likely.
Refer to the official Ray security advisory for detailed information and updates: [https://ray.io/security/](https://ray.io/security/)