{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354100?format=json","vulnerability_id":"VCID-nqrd-gp43-g7dw","summary":"RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution\n### Summary\nThe RC endpoint `operations/fsinfo` is exposed without `AuthRequired: true` and accepts attacker-controlled `fs` input. Because `rc.GetFs(...)` supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend, `bearer_token_command` is executed during backend initialization, making single-request unauthenticated local command execution possible on reachable RC deployments without global HTTP authentication.\n\n### Preconditions\n\nPreconditions for this vulnerability are:\n\n- The rclone remote control API **must** be enabled, either by the `--rc` flag or by running the `rclone rcd` server\n- The remote control API **must** be reachable by the attacker - by default rclone only serves the rc to localhost unless the `--rc-addr` flag is in use\n- The rc must have been deployed **without** global RC HTTP authentication - so not using `--rc-user`/`--rc-pass`/`--rc-htpasswd`/etc\n\n\n### Details\nThe root cause consists of the following pieces:\n\n1. `operations/fsinfo` is not protected with `AuthRequired: true`\n2. `operations/fsinfo` calls `rc.GetFs(...)` on attacker-controlled input\n3. `rc.GetFs(...)` supports inline backend creation through object-valued `fs`\n4. WebDAV backend initialization executes `bearer_token_command`\n\nRelevant code paths:\n\n- [`fs/operations/rc.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go)\n  - `operations/fsinfo` is registered without `AuthRequired: true`\n  - `rcFsInfo()` calls `rc.GetFs(ctx, in)`\n\n- [`fs/rc/cache.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go)\n  - `GetFs()` / `GetFsNamed()` can parse an object-valued `fs`\n  - `getConfigMap()` converts attacker-controlled JSON into a backend config string\n\n- [`backend/webdav/webdav.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go)\n  - `bearer_token_command` is a supported backend option\n  - `NewFs(...)` calls `fetchAndSetBearerToken()` when `bearer_token_command` is set\n  - `fetchBearerToken()` invokes `exec.Command(...)`\n\nThis creates a practical single-request unauthenticated command-execution primitive on reachable RC servers without global HTTP authentication.\n\nThis was alidated on:\n- current `master` as of 2026-04-14: `bf55d5e6d37fd86164a87782191f9e1ffcaafa82`\n- latest public release tested locally: `v1.73.4`\n\nThis was also validated on a public amd64 Ubuntu host controlled by the tester, using direct host execution (not containerized PoC execution).\n\n### PoC\n#### Minimal single-request form PoC\nStart a vulnerable RC server:\n\n```bash\nrclone rcd --rc-addr 127.0.0.1:5572\n```\n\nNo `--rc-user`, no `--rc-pass`, no `--rc-htpasswd`.\n\nThen send a single request:\n\n```bash\ncurl -sS -X POST http://127.0.0.1:5572/operations/fsinfo \\\n  --data-urlencode \"fs=:webdav,url='http://127.0.0.1/',vendor=other,bearer_token_command='/usr/bin/touch /tmp/rclone_fsinfo_rce_poc_marker':\"\n```\n\nExpected result:\n- HTTP 200 JSON response from `operations/fsinfo`\n- `/tmp/rclone_fsinfo_rce_poc_marker` is created on the host\n\n### Impact\nThis is effectively a single-request unauthenticated command-execution vulnerability on reachable RC deployments without global HTTP authentication.\n\nIn practice, command execution in the rclone process context can lead to higher-impact outcomes such as local file read, file write, or shell access, depending on the deployed environment.\n\n#### Testing performed\nThis was successfully reproduced:\n- on a local test environment\n- on a public amd64 Ubuntu host controlled by the tester\n\nOn the public host it was confirmed:\n\n- the unauthenticated `operations/fsinfo` exploit worked\n- command execution occurred on the host\n- the issue was reproducible through direct host execution","aliases":[{"alias":"CVE-2026-41179"},{"alias":"GHSA-jfwf-28xr-xw6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081590?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081596?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081591?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081592?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081593?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081594?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081595?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081597?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1081598?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1076425?format=json","purl":"pkg:golang/github.com/rclone/rclone@1.73.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/rclone/rclone@1.73.5"}],"affected_packages":[],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41179.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41179","reference_id":"","reference_type":"","scores":[{"value":"0.05976","scoring_system":"epss","scoring_elements":"0.90692","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09603","scoring_system":"epss","scoring_elements":"0.92904","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09603","scoring_system":"epss","scoring_elements":"0.92896","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41179"},{"reference_url":"https://github.com/rclone/rclone","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rclone/rclone"},{"reference_url":"https://github.com/rclone/rclone/security/advisories/GHSA-jfwf-28xr-xw6q","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/"}],"url":"https://github.com/rclone/rclone/security/advisories/GHSA-jfwf-28xr-xw6q"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134735","reference_id":"1134735","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460988","reference_id":"2460988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460988"},{"reference_url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go","reference_id":"cache.go","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/"}],"url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go"},{"reference_url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go","reference_id":"rc.go","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/"}],"url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go"},{"reference_url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go","reference_id":"webdav.go","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/"}],"url":"https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go"}],"weaknesses":[{"cwe_id":306,"name":"Missing Authentication for Critical Function","description":"The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources."},{"cwe_id":78,"name":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","description":"The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component."},{"cwe_id":94,"name":"Improper Control of Generation of Code ('Code Injection')","description":"The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment."}],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqrd-gp43-g7dw"}