CVE-2026-33641

HIGH

Glances Vulnerable to Command Injection via Dynamic Configuration Values

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-33641. PoCs published by best.sell.

AI-analyzed exploit summary: This PoC demonstrates a command injection vulnerability in Glances versions prior to 4.5.3, where backtick-enclosed substrings in configuration files are executed as system commands. The exploit creates a malicious config file and verifies command execution by checking for a created file.

Description

Glances is an open-source, cross-platform system monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values: any substring enclosed in backticks is executed as a system command while the configuration is parsed. This behavior lives in Config.get_value() and is implemented without any validation or restriction of the executed commands. If an attacker can modify or otherwise influence the configuration files, arbitrary commands execute automatically with the privileges of the Glances process at startup or on configuration reload. In deployments where Glances runs with elevated privileges (e.g., as a system service), this may lead to privilege escalation. This issue has been patched in version 4.5.3.
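As an added, defender-side example (not Glances' own code and not the PoC author's), the following audits a Glances-style INI file for the backtick syntax the advisory describes and refuses to hand such a value to the caller, which is a stop-gap for hosts that cannot upgrade to 4.5.3 yet. The section and option names in the sample config, and the BACKTICK_RE pattern, are constructed for illustration.

```python
"""Audit a Glances-style INI configuration for dynamic (backtick) values.

Added example, not Glances' own code. It assumes only what the advisory
states: before 4.5.3, any `...` substring in a value was run as a command.
"""
import configparser
import re

# Matches one backtick-enclosed substring; the advisory describes this as
# the trigger syntax, the exact pattern here is an assumption of this example.
BACKTICK_RE = re.compile(r"`([^`]*)`")

# Constructed sample config (not a real deployment file); section and option
# names are illustrative, not Glances' actual option names.
SAMPLE_CONF = """
[global]
refresh=2

[network]
hide=lo,docker.*

[custom]
hostname=`hostname`
banner=Host `hostname` up since `uptime -s`
"""


def _load(conf_text):
    # interpolation=None so '%' in values is not treated specially by configparser
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    return parser


def find_dynamic_values(conf_text):
    """Return (section, option, [enclosed strings]) for every value with backticks."""
    findings = []
    parser = _load(conf_text)
    for section in parser.sections():
        for option, value in parser.items(section):
            enclosed = BACKTICK_RE.findall(value)
            if enclosed:
                findings.append((section, option, enclosed))
    return findings


def safe_get_value(conf_text, section, option):
    """Hardened lookup: treat the value as opaque text and reject it if it
    contains backticks, instead of expanding it as the vulnerable versions did."""
    value = _load(conf_text).get(section, option)
    if BACKTICK_RE.search(value):
        raise ValueError(f"refusing dynamic value in [{section}] {option}")
    return value


if __name__ == "__main__":
    for section, option, enclosed in find_dynamic_values(SAMPLE_CONF):
        print(f"[{section}] {option}: would execute {enclosed}")
```

Run the script against a copied glances.conf to list every value that the pre-4.5.3 parser would have executed; an empty result on a freshly unpacked config is a useful baseline for change detection.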

Exploits (1)

exploitdb WORKING POC
by best.sell · python · webapps · multiple
https://www.exploit-db.com/exploits/52559


Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Glances 4.5.2 and below
No auth needed
Prerequisites: Glances installed (version 4.5.2 or below) · Ability to modify or influence Glances configuration files
devstral-2 · analyzed May 14, 2026

Scores

CVSS v3 7.8
EPSS 0.0087
EPSS Percentile 53.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (2)
nicolargo/glances < 4.5.3 (2 CPE variants)
pypi/Glances 0PyPI
Published Apr 02, 2026
Tracked Since Apr 02, 2026