Is Command Injection affected by EUVD-2026-16167?

Red Hat Foreman and Satellite 6 deployments are vulnerable to remote code execution through the VM VNC console WebSocket proxy, allowing attackers with low-privileged access to execute arbitrary commands on the Foreman server and compromise the entire managed infrastructure.

EUVD-2026-16167

| CVE-2026-1961 HIGH

2026-03-26 redhat

GHSA-fh2w-2c26-vpg5

8.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch Released

Apr 09, 2026 - 14:30 nvd

Patch available

EUVD ID Assigned

Mar 26, 2026 - 13:15 euvd

EUVD-2026-16167

Analysis Generated

Mar 26, 2026 - 13:15 vuln.today

CVE Published

Mar 26, 2026 - 12:53 nvd

HIGH 8.0

Description

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.

Analysis

Remote code execution is achievable in Red Hat Foreman and Satellite 6 via command injection in the WebSocket proxy implementation when users access VM VNC console functionality. An attacker controlling a malicious compute resource server can inject unsanitized hostname values into shell commands, compromising the Foreman server and potentially the entire managed infrastructure. …

Remediation

Within 24 hours: inventory all Red Hat Foreman and Satellite 6 instances, document versions, and identify which systems have external or untrusted compute resource server connections. Within 7 days: implement network segmentation to restrict compute resource server access and disable VNC console functionality if operationally feasible, pending vendor patch availability. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +40

POC: 0

Vendor Status

EUVD-2026-16167 vulnerability details – vuln.today

Back

EUVD-2026-16167

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Vendor Status

Share

EUVD-2026-16167

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Vendor Status

Share

External POC / Exploit Code