CVE-2024-52803

{"id": "CVE-2024-52803", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-11-21T17:15:24.470", "references": [{"url": "https://gist.github.com/superboy-zjc/f2d2b93ae511c445ba97e144b70e534d", "tags": ["Exploit"], "source": "security-advisories@github.com"}, {"url": "https://github.com/hiyouga/LLaMA-Factory/commit/b3aa80d54a67da45e9e237e349486fb9c162b2ac", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/hiyouga/LLaMA-Factory/security/advisories/GHSA-hj3w-wrh4-44vp", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure usage of the `Popen` function with `shell=True`, coupled with unsanitized user input. Immediate remediation is required to mitigate the risk. This vulnerability is fixed in 0.9.1."}, {"lang": "es", "value": "LLama Factory permite el ajuste fino de modelos de lenguaje de gran tama\u00f1o. Se ha identificado una vulnerabilidad cr\u00edtica de inyecci\u00f3n remota de comandos del sistema operativo en el proceso de entrenamiento de LLama Factory. Esta vulnerabilidad surge del manejo inadecuado de la entrada del usuario, lo que permite que actores maliciosos ejecuten comandos arbitrarios del sistema operativo en el sistema host. El problema se debe al uso inseguro de la funci\u00f3n `Popen` con `shell=True`, junto con una entrada del usuario no desinfectada. Se requiere una soluci\u00f3n inmediata para mitigar el riesgo. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 0.9.1."}], "lastModified": "2025-08-27T16:42:48.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hiyouga:llama-factory:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEB416D8-3547-46AC-AA15-1EB5A04AE49D", "versionEndExcluding": "0.9.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}