CVE-2026-43624: F5-TTS 1.1.20 Path Traversal via finetune_gradio.py create_data_project()
F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-supplied project names directly to os.path.join() without validating the resulting path stays within the intended base directory. Attackers can supply absolute path arguments such as /tmp/EVIL to override the base directory entirely and create arbitrary directories with attacker-controlled JSON content at any filesystem path writable by the server process.
Metrics
- CVSS v4.0: 8.8
- Severity: HIGH
- Fixed in: 2f53ded68e5f69e248ceb200a51ef4d1dc647936
- Affected Products: 1
HarborGuard Analysis
Synopsis
Path traversal vulnerability in F5-TTS (versions up to and including 1.1.20) allows unauthenticated attackers to write arbitrary files anywhere on the host filesystem writable by the server process. The flaw lives in the finetune Gradio handler's create_data_project() function, which passes unsanitized user-supplied project names directly to os.path.join() without checking that the resulting path stays inside the intended directory. Exploitation requires only a network connection and no credentials, and enables an attacker to write attacker-controlled JSON content to arbitrary filesystem paths. A patched-image rebuild at commit 2f53ded68e5f69e248ceb200a51ef4d1dc647936 is available on HarborGuard for environments running an affected version.
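To make the root cause concrete, the following is an added illustration, not F5-TTS code and not the upstream fix: the unsafe join pattern the advisory describes, beside a hypothetical hardened variant that restricts the project name to a single path component and verifies the resolved directory still sits under the base directory. Function names, the settings.json layout and the sample project names are assumptions.

```python
import json
import os
import tempfile

def unsafe_project_dir(base_dir: str, project_name: str) -> str:
    # The pattern the advisory describes: os.path.join() returns an absolute
    # second argument unchanged and never rejects "../", so the caller decides
    # where the project directory lands.
    return os.path.join(base_dir, project_name)

def safe_project_dir(base_dir: str, project_name: str) -> str:
    """Hypothetical hardened form (not the upstream fix): accept only a single
    path component, then confirm the resolved path is still under base_dir."""
    if project_name in ("", ".", ".."):
        raise ValueError("empty or reserved project name")
    seps = [os.sep] + ([os.altsep] if os.altsep else [])
    if os.path.isabs(project_name) or any(s in project_name for s in seps):
        raise ValueError("project name must be a single path component")
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, project_name))
    if os.path.commonpath([base_real, candidate]) != base_real:  # symlink-safe
        raise ValueError("project path escapes base directory")
    return candidate

def create_data_project_safe(base_dir: str, name: str, settings: dict) -> str:
    # Write settings.json only inside a validated project directory.
    project_dir = safe_project_dir(base_dir, name)
    os.makedirs(project_dir, exist_ok=True)
    path = os.path.join(project_dir, "settings.json")
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(settings, fh)
    return path

def demo() -> dict:
    # Run both forms on constructed names inside a throwaway base directory.
    # Each entry is (unsafe join escapes base?, hardened form rejects name?).
    with tempfile.TemporaryDirectory() as base:
        base_real, out = os.path.realpath(base), {}
        for n in ("my_voice", "../outside", "/tmp/EVIL"):
            unsafe = os.path.realpath(unsafe_project_dir(base_real, n))
            try:
                safe_project_dir(base_real, n)
                rejected = False
            except ValueError:
                rejected = True
            out[n] = (os.path.commonpath([base_real, unsafe]) != base_real, rejected)
        written = create_data_project_safe(base, "my_voice", {"lang": "en"})
        out["written_inside_base"] = written.startswith(base_real)
        return out
```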
HarborGuard Coverage
Detection of CVE-2026-43624 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle F5-TTS at or below version 1.1.20. Any image in a customer registry or CI pipeline containing an affected version is flagged automatically.
HarborGuard is capable of scoring this CVE at CVSS v4.0 8.8 (HIGH) and weighting that score against each environment's compliance policy to determine urgency. Triage findings are routable to the appropriate team inbox within each customer organization based on image ownership and policy configuration.
A patched-image rebuild pinned to commit 2f53ded68e5f69e248ceb200a51ef4d1dc647936 is available on HarborGuard for any environment found running an affected version. For customers who opt into auto-remediation, HarborGuard can perform the rebuild, run a regression test suite, and open a pull request against affected workloads automatically.
Exploit Conditions
- Network reachability: Required. The Gradio HTTP endpoint is exposed over the network, so an attacker must be able to reach the service on its listening port.
- Authentication: Not required. No credentials or session token are needed; the vulnerable handler accepts unauthenticated requests.
- Victim interaction: Not required. The attack is fully server-side; no user action or social engineering is required.
- Attack complexity: Low (AC:L). Exploitation is reliable and condition-free: the attacker supplies a crafted project-name string in a single request, with no race conditions or environmental prerequisites.
Blast Radius
- Writes attacker-controlled JSON files to any filesystem path writable by the server process, including sensitive configuration directories.
- Creates arbitrary directories on the host, enabling staging areas for follow-on payloads or overwriting application config files.
- Degrades service availability in a limited way by corrupting files or filling filesystem paths the application depends on (integrity impact rated HIGH, availability impact rated LOW).
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-43624 activates the moment the advisory is ingested, matching all scanned images that include F5-TTS at or below version 1.1.20. For environments with auto-remediation enabled, HarborGuard can rebuild the affected image at the fixed commit (2f53ded68e5f69e248ceb200a51ef4d1dc647936), execute a regression run, and open a pull request against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in environments with auto-remediation enabled. Where compliance policy does not permit auto-remediation, the rebuilt image is available for manual promotion. As a compensating control while remediation is in progress, customers can apply a network policy that restricts access to the Gradio endpoint to trusted source CIDRs only, reducing the unauthenticated-network-reachability precondition that makes this vulnerability exploitable.
Affected Products
- SWivid / F5-TTS ≤ 1.1.20 (fixed in 2f53ded68e5f69e248ceb200a51ef4d1dc647936)
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N