CVE-2026-43617
Severity: MEDIUM
Rsync < 3.4.3 Authorization Bypass via Hostname Resolution
Title source: cna
Description
Rsync versions 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing connections from hostnames that administrators intended to deny when reverse DNS resolution fails and defaults to UNKNOWN.
References (3)
Vendor Advisory: https://github.com/RsyncProject/rsync/security/advisories/GHSA-rjfm-3w2m-jf4f
Release Notes: https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
Third Party Advisory: https://www.vulncheck.com/advisories/rsync-authorization-bypass-via-hostname-resolution
Scores
CVSS v3: 4.8
EPSS: 0.0001
EPSS Percentile: 1.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-289
Status: published
Products (2)
RsyncProject/rsync: < 3.4.3
samba/rsync: < 3.4.2
Published: May 20, 2026
Tracked Since: May 20, 2026