CRITICAL🇵🇱 Wersja polska

CVE-2025-12488

CVSS 9.8v3.0pub. 2025-11-06upd. 2026-04-15

oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of oobabooga text-generation-webui. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the trust_remote_code parameter provided to the load endpoint. The issue results from the lack of proper validation of a user-supplied argument before using it to load a model. An attacker can leverage this vulnerability to execute code in the context of the service account. . Was ZDI-CAN-26680.

🤖 AI Analysis
How it works

The vulnerability concerns the handling of the trust_remote_code parameter passed to the model loading endpoint. The application does not perform proper validation of the value supplied by the user before using it to load the model. An attacker can submit a crafted parameter that causes arbitrary code execution in the context of the application's service account.

Impact

An attacker gains the ability to execute arbitrary code in the context of the service account, which may lead to complete system takeover, data theft, and further lateral movement within the network.

Mitigation & patch

The application should be updated to a version containing commit b5a6904c4ac4049823396090360b6f566f4e4603 or newer, available in the official GitHub repository of the oobabooga/text-generation-webui project. Additionally, it is recommended to restrict network access to the API endpoint exclusively to trusted hosts.

Who is affected

oobabooga text-generation-webui installations — specific versions indicated in the manufacturer's references (commit b5a6904c4ac4049823396090360b6f566f4e4603 as the reference point for the fix)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References