OpenBullet2 Remote Code Execution Vulnerability via FileProxySource Script Upload

Vulnerability

A remote code execution vulnerability has been identified in OpenBullet2 versions through 0.3.2. It allows authenticated users to execute arbitrary commands by uploading script files with the extensions .bat, .ps1, or .sh through the FileProxySource proxy loading feature. When such a file is used as a proxy source, the server executes the script and returns its output as proxy lines, so the commands run on the host as the process user.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the host system.

Reproduction

To reproduce this vulnerability, upload a script file with a .bat, .ps1, or .sh extension through the FileProxySource proxy loading feature in OpenBullet2. The server will execute the uploaded script and return the output as proxy lines, indicating that the command has been executed on the host.

Remediation

Set a random API key in the OpenBullet2 settings to prevent unauthorized access.
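
The root cause described above is that a proxy source file is executed when its extension is .bat, .ps1, or .sh. The following is an added example, not OpenBullet2 code: a loader that refuses those extensions and treats file content purely as data. The function names, the proxy line format, the sample file names and the conservative name normalization are assumptions made for illustration.

```python
import re

# Extensions the advisory says FileProxySource executes instead of reading.
SCRIPT_EXTENSIONS = {".bat", ".ps1", ".sh"}

# Hypothetical proxy line format for this example: [scheme://]host:port
PROXY_LINE = re.compile(r"^(?:(?:https?|socks4a?|socks5)://)?[A-Za-z0-9.\-]+:(\d{1,5})$")

# Constructed sample of proxy source file names (not taken from the advisory).
SAMPLE_NAMES = ["proxies.txt", "list.SH", "fetch.ps1. ", "backup.txt.bat", ".sh", "sheet.csv"]


def extension_of(file_name: str) -> str:
    """Lower-cased final extension of a file name or path.

    Assumption (not confirmed by the page): be conservative and ignore case
    and trailing dots/spaces, which Windows drops when resolving a name.
    A bare ".sh" counts as having the extension ".sh".
    """
    name = re.split(r"[\\/]", file_name.strip().rstrip(". "))[-1]
    return "." + name.rsplit(".", 1)[1].lower() if "." in name else ""


def is_script_source(file_name: str) -> bool:
    """True when the name carries one of the extensions from the advisory."""
    return extension_of(file_name) in SCRIPT_EXTENSIONS


def parse_proxy_lines(text: str) -> tuple[list[str], list[str]]:
    """Split content into (valid proxy lines, rejected lines); nothing is run."""
    valid, rejected = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PROXY_LINE.match(line)
        ok = bool(m) and 0 < int(m.group(1)) <= 65535
        (valid if ok else rejected).append(line)
    return valid, rejected


def load_proxy_source(file_name: str, content: str) -> list[str]:
    """Hardened loader: refuse script sources and content that is not proxies."""
    if is_script_source(file_name):
        raise ValueError(f"refusing script proxy source: {file_name!r}")
    valid, rejected = parse_proxy_lines(content)
    if rejected:
        raise ValueError(f"{len(rejected)} line(s) are not proxies")
    return valid
```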

Added: Jun 8, 2026, 6:12 PM
Updated: Jun 8, 2026, 6:12 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 0.0
relevance: 9.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.