CVE-2024-52803

Published: Nov 21, 2024Modified: Aug 27, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure usage of the `Popen` function with `shell=True`, coupled with unsanitized user input. Immediate remediation is required to mitigate the risk. This vulnerability is fixed in 0.9.1.

Affected (1)

Products: Hiyouga: Llama Factory

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hiyouga Llama Factory	Before 0.9.1

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (3)

https://gist.github.com/superboy-zjc/f2d2b93ae511c445ba97e144b70e534d

Source: security-advisories@github.com

Exploit

https://github.com/hiyouga/LLaMA-Factory/commit/b3aa80d54a67da45e9e237e349486fb9c162b2ac

Source: security-advisories@github.com

Patch

https://github.com/hiyouga/LLaMA-Factory/security/advisories/GHSA-hj3w-wrh4-44vp

Source: security-advisories@github.com

ExploitVendor Advisory

Timeline

No history available yet.