GHSA-7c78-rm87-5673: 
Python vulnerability analysis and mitigation

A Remote Code Execution (RCE) vulnerability was discovered in the MS SWIFT Web-UI interface, tracked as GHSA-7c78-rm87-5673. The vulnerability affects versions <= 3.6.3 of the ms-swift package on pip and was discovered by TencentAISec. The issue was disclosed on July 31, 2025, and involves command injection through parameter manipulation in the web interface (GitHub Advisory).

The vulnerability stems from improper command string construction in multiple components of the ms-swift web UI. The root cause is the practice of building shell command strings by directly concatenating user-provided input without proper sanitization or escaping. The vulnerability primarily affects methods like LLMTrain.train() and LLMTrain.trainlocal(), where user-controlled parameters such as --outputdir are appended to command strings without proper validation. The issue is classified under CWE-117 (Improper Output Neutralization for Logs) (GitHub Advisory, Miggo Database).

The vulnerability allows attackers to execute arbitrary commands on the system running the ms-swift web UI. By manipulating parameters like --output_dir through packet capture, an attacker can inject malicious commands that will be executed by the system. The impact is particularly severe as it affects multiple UI components including training, evaluation, exporting, and inference functionalities (GitHub Advisory).

The recommended fix involves modifying the code to use subprocess.run([cmd, arg1, arg2...]) instead of direct command string concatenation and os.system() execution. Specifically, the swift.ui.llmtrain.llmtrain.LLMTrain#train() method should be modified to avoid direct parameter concatenation, and the swift.ui.llmtrain.llmtrain.LLMTrain#train_local() method should be updated to use subprocess.run() for secure command execution. Users should upgrade to version 3.7 or later which contains the security fixes (GitHub Advisory).