CVE-2022-50919

CRITICAL

Tdarr 2.00.15 - Unauthenticated Remote Code Execution via Help Terminal Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-50919. PoCs published by Sam Smith.

AI-analyzed exploit summary This exploit demonstrates a command injection vulnerability in Tdarr 2.00.15 via the Help tab's FFmpeg/HandBrake terminal. The lack of input filtering allows command chaining to achieve remote code execution (RCE) without authentication.

Description

Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. Attackers can exploit the lack of input filtering by chaining commands like `--help; curl .py | python` to execute remote code without authentication.

Exploits (1)

exploitdb WORKING POC
by Sam Smith · textremotemultiple
https://www.exploit-db.com/exploits/50822

This exploit demonstrates a command injection vulnerability in Tdarr 2.00.15 via the Help tab's FFmpeg/HandBrake terminal. The lack of input filtering allows command chaining to achieve remote code execution (RCE) without authentication.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Tdarr 2.00.15
No auth needed
Prerequisites: Network access to the Tdarr server · Tdarr Help tab accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/50822
Product product
https://tdarr.io
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/tdarr-command-injection

Scores

CVSS v3 9.8
EPSS 0.0119
EPSS Percentile 63.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-78
Status published
Products (1)
tdarr/tdarr 2.00.15
Published Jan 13, 2026
Tracked Since Feb 18, 2026