CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Description (NVD)
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
Analysis (AI)
Remote code execution in Cockpit's system logs UI allows authenticated users to inject shell metacharacters into unsanitized URL parameters, executing arbitrary commands on RHEL 7/8/9/10 hosts. Attack requires low-complexity exploitation by a logged-in user who can craft malicious links targeting the logs interface. …
Remediation (AI)
Within 24 hours: Inventory all RHEL 7/8/9/10 systems running Cockpit and document version numbers; restrict Cockpit web interface access to trusted administrative networks only via firewall rules. Within 7 days: Audit Cockpit access logs for suspicious URL parameters containing shell metacharacters in the logs interface; disable Cockpit on non-critical systems if patching cannot be prioritized. …
EUVD-2026-29051
GHSA-3wjm-5g86-c6p3