EUVD-2026-19669
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3Tags
Description
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_grammar() allows reading any file on the server filesystem with no extension restriction. Gradio does not server-side validate dropdown values, so an attacker can POST directory traversal payloads (e.g., ../../../etc/passwd) via the API and receive the full file contents in the response. This vulnerability is fixed in 4.3.
Analysis
Remote unauthenticated file disclosure in oobabooga text-generation-webui versions prior to 4.3 allows arbitrary file reading through path traversal in load_grammar() function. Attackers can retrieve any file from the server filesystem without authentication by exploiting insufficient validation of Gradio dropdown values, submitting directory traversal sequences via API requests. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all deployments of oobabooga text-generation-webui and identify versions prior to 4.3; isolate affected instances from untrusted networks. Within 7 days: Upgrade to text-generation-webui version 4.3 or later where available, or apply vendor-supplied patches; review server logs for suspicious API requests to the load_grammar() function containing path traversal sequences (../ patterns). …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today