External risk intelligence

SGLang allows unauthenticated attackers to write files anywhere the server process can write.

CVE advisory

Severity: CRITICAL (CVSS 9.1)

CVE-2026-7302

An external attacker can exploit a file upload flaw in SGLang to overwrite critical system files and seize control of the server. This poses a severe risk of a total loss of system integrity and could lead to further unauthorized activity across the business network.

Halo Surface Signal: 3

Weakness class: Path Traversal

Product: Lmsys Sglang

Version: 0.5.10

External exposure likelihood

Halo Surface Signal score for CVE-2026-7302

The vulnerability is in an unauthenticated file upload interface of a multimodal generation runtime. The interface can be reachable from the internet, but these runtimes are usually deployed as backend components or internal services rather than as public-facing gateways, so direct internet exposure is plausible but not the default or standard deployment pattern.

Horizon Alert

Summary of the vulnerability and why it matters

An unauthenticated path traversal flaw in the SGLang multimodal generation runtime allows an attacker to write files anywhere the server process has write permission, by sending filenames containing traversal sequences to specific upload endpoints. This matters because an arbitrary file write can modify critical system files or application data, which can lead to full compromise of the host.

  • Can overwrite critical server files.
  • Affects deployments that process uploads.
  • Reachable from the internet wherever the runtime is exposed.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker exploits this flaw by sending specially crafted filenames containing path traversal sequences to specific upload endpoints. The runtime joins the attacker-controlled name onto its upload directory without confining the result, so the file lands at any location the runtime process can write to. The likely targets are system files that influence execution (configuration, startup scripts, scheduled jobs) or application code, to gain further control.

  • No authentication required.
  • Targets specific upload endpoints.
  • Impact is bounded by the server process's write permissions.
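The pattern described above, as an added example that is not SGLang's own code: a generic vulnerable upload handler that joins the client-supplied filename straight onto the upload directory, beside a hardened resolver that confines the result to that directory. The function names, the temporary directory layout and the traversal payload are all constructed for the demonstration and make no claim about how the SGLang endpoint is implemented.

```python
import os
import tempfile
from pathlib import Path


def save_upload_unsafe(upload_dir: str, filename: str, data: bytes) -> str:
    """Vulnerable pattern (constructed, not SGLang's code): the client-supplied
    filename is joined directly onto upload_dir, so '../' walks out of it and
    the write lands wherever the process has permission."""
    target = os.path.join(upload_dir, filename)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    with open(target, "wb") as fh:
        fh.write(data)
    return target


def resolve_upload_path(upload_dir: str, filename: str) -> Path:
    """Hardened resolver: accept only a bare basename, then resolve symlinks
    and '..' and require the final path to sit directly inside upload_dir.
    Raises ValueError for traversal, absolute paths and empty names."""
    base = Path(upload_dir).resolve()
    # A bare name has no separators; this rejects '../x', 'a/b', '/etc/x' and 'x/'.
    if not filename or os.path.basename(filename) != filename or filename in (".", ".."):
        raise ValueError("filename must be a bare name")
    target = (base / filename).resolve()
    # resolve() also follows a pre-planted symlink, so a link pointing outside is caught here.
    if target.parent != base:
        raise ValueError("path escapes upload directory")
    return target


def demonstrate() -> dict:
    """Run both handlers against a constructed traversal payload in a temp tree."""
    root = Path(tempfile.mkdtemp()).resolve()
    upload_dir = root / "uploads"
    upload_dir.mkdir()
    hostile = "../escaped.txt"  # constructed payload: one level up from uploads/

    # Unsafe handler: the file is created next to uploads/, not inside it.
    written = Path(save_upload_unsafe(str(upload_dir), hostile, b"x")).resolve()
    unsafe_escaped = written.parent == root

    # Hardened handler: the same payload is rejected before any write happens.
    try:
        resolve_upload_path(str(upload_dir), hostile)
        hardened_rejected = False
    except ValueError:
        hardened_rejected = True

    # A legitimate name still resolves to a location inside uploads/.
    safe = resolve_upload_path(str(upload_dir), "image.png")
    return {
        "unsafe_escaped": unsafe_escaped,
        "hardened_rejected": hardened_rejected,
        "safe_inside": safe.parent == upload_dir,
    }


if __name__ == "__main__":
    print(demonstrate())
```

The containment check compares the resolved parent with the resolved base rather than doing a string prefix test, because a prefix test accepts `uploads_evil/` as being inside `uploads/` and does not follow symlinks.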

Live Threat

Current exploitation, exposure, and threat context

This vulnerability allows unauthenticated attackers to write arbitrary files anywhere the server process has write access, a highly impactful capability. The description implies the flaw is directly exploitable, but the real threat level depends on how the SGLang multimodal generation runtime is deployed and exposed. Deployed as an internet-facing service, it presents a significant risk; reachable only inside a private network, it is still a lateral-movement target.

  • Exploitability is high.
  • No public exploit is known at the time of writing.
  • Recently disclosed vulnerability.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize isolating or taking offline any SGLang services that handle file uploads: the flaw is a critical path traversal that allows unauthenticated arbitrary file writes. Apply the vendor fix as soon as one is available. Where isolation is not feasible, implement strict ingress filtering that rejects requests whose filenames contain traversal sequences; match on the decoded filename, not the raw request, since `../` also arrives as `%2e%2e%2f`, double-encoded as `%252e%252e%252f`, or with backslashes. Because the impact is bounded by the process's write permissions, run the runtime as a dedicated low-privilege user whose only writable location is the upload directory. Monitor network traffic for suspicious upload patterns against these endpoints and watch for unexpected file creation outside the upload directory.

  • Block `../` and its encoded and backslash variants in upload filenames.
  • Isolate or take affected services offline; apply the vendor fix when available.
  • Run the runtime process with minimal write permissions.
  • Monitor for anomalous file uploads and for files appearing outside the upload directory.

Frequently asked questions

What is SGLang and its primary function?

SGLang is a multimodal generation runtime for processing and generating media such as text and images for advanced applications.

How does the CVE-2026-7302 vulnerability function, and what is its weakness class?

This vulnerability is a path traversal flaw, classified as CWE-35. A crafted filename makes the runtime write a file outside the directory it intended to use.

What is the trigger path for CVE-2026-7302, and why does it escape the intended scope?

An unauthenticated attacker triggers it by sending a filename containing sequences such as '../' to specific upload endpoints. Because the runtime does not confine the resulting path to its upload directory, the file can be written to any location where the SGLang process has write permission.

Why does the SGLang multimodal generation runtime vulnerability CVE-2026-7302 matter?

The vulnerability allows unauthenticated attackers to write arbitrary files to any location the server process can write to. This poses a significant risk if SGLang is deployed as an internet-facing service, and it can lead to system compromise.

What practical steps should be taken to respond to the SGLang vulnerability?

Prioritize isolating or disabling SGLang services that handle file uploads, and apply the vendor fix when it is available. Implement strict ingress filtering that rejects decoded filenames containing '../' (including percent-encoded and backslash variants) on the affected upload endpoints, run the process with minimal write permissions, and monitor continuously for suspicious upload activity.
