Samba Command Injection Vulnerability in WINS Hook Allowing Remote Code Execution

Vulnerability

A command injection vulnerability has been identified in Samba's WINS hook handling on Active Directory Domain Controllers. Unsanitized NetBIOS names from WINS registration packets are passed to a shell command and executed, enabling an unauthenticated network attacker to execute arbitrary commands with the privileges of the Samba process, often as root on a domain controller.

Impact

Exploitation of this vulnerability allows for unauthorized execution of commands on the server, potentially leading to a full system compromise.

Remediation

Users can upgrade to Samba versions 4.23.2, 4.22.5, or 4.21.9, all of which include the necessary fix. Instructions for applying the patch can be found in the Samba security release announcements.
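A triage check for the two points above (whether the WINS hook is reachable, and whether the installed release carries the fix), added here as an example and not taken from Samba or its announcements. It assumes the hook is only reachable when smb.conf sets an AD DC `server role`, `wins support = yes` and a `wins hook`. The sample configuration and hook path are constructed, and the function names are hypothetical.

```python
import re
# Fixed releases named in the advisory, keyed by release branch.
FIXED = {(4, 23): (4, 23, 2), (4, 22): (4, 22, 5), (4, 21): (4, 21, 9)}
DC_ROLES = {"active directory domain controller", "domain controller", "dc"}
TRUE = {"yes", "true", "on", "1"}

# Constructed sample smb.conf; the hook path is a made-up placeholder.
SAMPLE_CONF = """
[global]
    server role = active directory domain controller
    wins support = yes
    wins hook = /usr/local/sbin/wins-dns-update
"""

def is_patched(version_text):
    """True if the version is at or above the fix for its branch."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_text)
    if not m:
        raise ValueError("no x.y.z version in %r" % version_text)
    v = tuple(map(int, m.groups()))
    # Assumption: branches after 4.23 carry the fix; branches before 4.21
    # have no fixed release listed in the advisory, so they count as unpatched.
    fixed = FIXED.get(v[:2])
    return v >= fixed if fixed else v[:2] > max(FIXED)

def global_params(conf_text):
    """[global] parameters; names compared without case or whitespace."""
    params, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params["".join(key.split()).lower()] = value.strip()
    return params

def assess(conf_text, version_text):
    """Return 'patched', 'exposed' or 'hook-not-reachable'."""
    if is_patched(version_text):
        return "patched"
    p = global_params(conf_text)
    # Assumption: the hook only runs on an AD DC with WINS enabled and a hook set.
    reachable = (p.get("serverrole", "").lower() in DC_ROLES
                 and p.get("winssupport", "no").lower() in TRUE
                 and bool(p.get("winshook")))
    return "exposed" if reachable else "hook-not-reachable"
```

Feed it the text of the host's smb.conf and the version string the installed Samba reports; `assess(SAMPLE_CONF, "4.22.4")` returns `exposed`.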

Added: Nov 7, 2025, 8:23 PM
Updated: Nov 7, 2025, 8:23 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 10.0
exploitability: 7.0
remediation: 7.7
relevance: 0.9
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.