SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal that allows an attacker to write arbitrary files anywhere the server process has write access by including ../ sequences in the upload filename sent to specific endpoints.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0 matched skills already investigate, long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
SGLang's multimodal generation runtime contains a critical unauthenticated path traversal vulnerability (CVE-2026-7302, CVSS 9.1) that allows attackers to write arbitrary files to any location where the server process has write permissions. By injecting path traversal sequences (../) into upload filenames sent to specific endpoints, an attacker can escape the intended upload directory and place malicious files anywhere on the filesystem. This is particularly dangerous because it requires no authentication, making it trivially exploitable by unauthenticated threat actors. Organizations deploying SGLang for AI-powered multimodal services—particularly those exposed to untrusted networks—face immediate risk of system compromise, code execution, and data exfiltration.
While this CVE currently maps to zero Casky.ai skills due to its novelty and lack of MITRE ATT&CK technique mapping, practitioners using Casky can leverage Claude AI's extended reasoning to identify related attack patterns. Detection would focus on recognizing path traversal indicators in HTTP request logs: suspicious filename parameters containing consecutive ../ sequences, requests to file upload endpoints from unauthenticated sources, and filesystem writes occurring outside designated upload directories. Organizations should monitor for CWE-35 manifestations through anomalous file creation events, particularly in sensitive directories like /etc, /var, or application root paths. Practitioners would see findings highlighting encoding variations of traversal sequences, timing patterns of exploitation attempts, and correlation with subsequent privilege escalation or persistence techniques, enabling a proactive response before attackers establish a foothold.
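The detection described above, as an added example (not Casky's or SGLang's code): it decodes encoded traversal variants in an upload filename, then reports both the log-side indicator and whether the resolved destination leaves the upload directory. The upload root, record fields and endpoint placeholder are assumptions, and the sample records are constructed.

```python
import posixpath
from urllib.parse import unquote

UPLOAD_DIR = "/srv/app/uploads"  # assumed upload root, not taken from SGLang

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e%252e) surfaces."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")  # treat Windows separators like '/'

def has_traversal_indicator(filename):
    """Log-side check: a '..' path segment, an absolute path or a NUL byte."""
    name = decode_fully(filename)
    return name.startswith("/") or "\x00" in name or ".." in name.split("/")

def escapes_upload_dir(filename, upload_dir=UPLOAD_DIR):
    """Write-side check: does the resolved destination leave upload_dir?"""
    base = posixpath.normpath(upload_dir)
    target = posixpath.normpath(posixpath.join(base, decode_fully(filename)))
    return posixpath.commonpath([base, target]) != base

def triage(records):
    """Return (source, filename, indicator, escapes) for each suspicious record."""
    hits = []
    for rec in records:
        indicator = has_traversal_indicator(rec["filename"])
        escapes = escapes_upload_dir(rec["filename"])
        if indicator or escapes:
            hits.append((rec["src"], rec["filename"], indicator, escapes))
    return hits

# Constructed sample records (not real traffic); the endpoint is a placeholder.
EP = "/<upload-endpoint>"
SAMPLE = [
    {"src": "198.51.100.7", "endpoint": EP, "filename": "cat.png"},
    {"src": "203.0.113.9", "endpoint": EP, "filename": "../../etc/cron.d/job"},
    {"src": "203.0.113.9", "endpoint": EP, "filename": "%252e%252e%252fmain.py"},
    {"src": "198.51.100.7", "endpoint": EP, "filename": "my..photo.png"},
    {"src": "198.51.100.8", "endpoint": EP, "filename": "thumbs/../cat.png"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

A record with the indicator set but no escape (`thumbs/../cat.png`) is worth logging at lower severity; one where the resolved path leaves the upload root is the case the advisory describes.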
© 2026 Casky.AI, Inc. · AI Security Investigation