CVE-2024-49379

MEDIUM

Umbrel < 1.2.2 - Reflected Cross-Site Scripting via Redirect Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-49379. PoCs published by OHDUDEOKNICE.

AI-analyzed exploit summary The repository contains a functional Python PoC for CVE-2024-49379, demonstrating an XSS vulnerability in UmbrelOS that can escalate to RCE via WebSocket manipulation. The exploit generates a malicious URL with a crafted payload targeting the `redirect` parameter.

Description

Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed to the redirect parameter the attacker provided JavaScript will be executed after the user entered their password and clicked on login. This vulnerability is fixed in 1.2.2.

Exploits (1)

nomisec WORKING POC 1 stars

by OHDUDEOKNICE · poc

https://github.com/OHDUDEOKNICE/CVE-2024-49379

View Code ZIP pw:eip

The repository contains a functional Python PoC for CVE-2024-49379, demonstrating an XSS vulnerability in UmbrelOS that can escalate to RCE via WebSocket manipulation. The exploit generates a malicious URL with a crafted payload targeting the `redirect` parameter.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Moderate

Reliability

Reliable

Target: UmbrelOS versions prior to 1.2.2

No auth needed

Prerequisites: Victim must click on a malicious link · UmbrelOS instance must be accessible

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources x_refsource_confirm

https://securitylab.github.com/advisories/GHSL-2024-164_Umbrel/

Patch x_refsource_misc

https://github.com/getumbrel/umbrel/commit/b83e3542650880bf1439419d00bf82285a7d2b22

View Patch ZIP pw:eip

Release Notes x_refsource_misc

https://github.com/getumbrel/umbrel/releases/tag/1.2.2

Scores

CVSS v4 5.3

EPSS 0.0123

EPSS Percentile 65.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

getumbrel/umbrel < 1.2.2

Published Nov 13, 2024

Tracked Since Feb 18, 2026