216.73.216.215

CVE-2026-43624

· Published 01/06/2026 19:16 · Modified 02/06/2026 14:43

Labels: CVE-2026-43624 2026-06-01CVE-2026-43624CWE-22[email protected]

Essential information

Published
01/06/2026 19:16
Modified
02/06/2026 14:43
Author
Creator
CVSS
8.8 HIGH (v3) 8.8 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-supplied project names directly to os.path.join() without validating the resulting path stays within the intended base directory. Attackers can supply absolute path arguments such as /tmp/EVIL to override the base directory entirely and create arbitrary directories with attacker-controlled JSON content at any filesystem path writable by the server process.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
f5 / f5-tts cpe:2.3:a:f5:f5-tts:*:*:*:*:*:*:*:*

References