NetBox Remote Code Execution Vulnerability via Jinja2 Sandbox Bypass in Export and Config Templates

Vulnerability

A remote code execution vulnerability has been identified in NetBox versions 4.3.5 prior to 4.5.4. The issue arises in the RenderTemplateMixin.get_environment_params() method, where authenticated users with exporttemplate or configtemplate permissions can execute arbitrary code. This is achieved by injecting malicious Python callables into the environment_params field, which are then executed during template rendering. The vulnerability bypasses Jinja2's SandboxedEnvironment protections by using the finalize parameter to introduce importable Python callables, such as subprocess.getoutput, into the rendering process. As a result, the injected code is executed with the privileges of the NetBox service user.
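The root cause described above is that an untrusted `environment_params` dictionary is passed straight into the constructor of the sandboxed Jinja2 environment, so hook options such as `finalize`, which take a Python callable (or a string resolved to one), reach the renderer unchecked. The following is an added example, not NetBox's own code or its fix, of the fail-closed validation a template-rendering layer can apply before any parameter reaches `SandboxedEnvironment`: it allowlists a handful of boolean whitespace/escaping switches and rejects every hook that accepts callables. The allowlist, the helper names and the sample inputs are assumptions for this example; the hostile sample reuses the `finalize` value named in the advisory.

```python
"""Hardening check for user-supplied Jinja2 environment parameters.

Added example (not NetBox's own code). It assumes that environment
parameters arrive as a JSON-like dict from an untrusted user and that the
only options the application wants to honour are a small set of boolean
whitespace/escaping switches. Any other key, and in particular hook
parameters such as ``finalize`` that take a Python callable, is rejected
before the dict ever reaches ``jinja2.sandbox.SandboxedEnvironment``.
"""
from typing import Any, Dict, List

# Jinja2 Environment options that are plain booleans and cannot introduce
# Python callables (assumed allowlist for this example).
SAFE_BOOL_PARAMS = frozenset({
    "trim_blocks", "lstrip_blocks", "keep_trailing_newline", "autoescape",
})

# Environment options that accept callables, classes or import paths.
# ``finalize`` is the one named in the advisory; the others are listed
# because they also accept arbitrary Python objects.
CALLABLE_HOOK_PARAMS = frozenset({"finalize", "undefined", "loader", "extensions"})


def validate_environment_params(params: Any) -> List[str]:
    """Return a list of problems; an empty list means the params are safe."""
    problems: List[str] = []
    if params is None:
        return problems
    if not isinstance(params, dict):
        return ["environment_params must be a JSON object"]
    for key, value in params.items():
        if not isinstance(key, str):
            problems.append(f"non-string key {key!r}")
            continue
        if key in CALLABLE_HOOK_PARAMS:
            problems.append(f"{key!r} is a callable hook and is not permitted")
        elif key not in SAFE_BOOL_PARAMS:
            problems.append(f"unknown parameter {key!r}")
        elif not isinstance(value, bool):
            problems.append(f"{key!r} must be a boolean, got {type(value).__name__}")
    return problems


def sanitize_environment_params(params: Any) -> Dict[str, bool]:
    """Keep only allowlisted boolean options, silently dropping the rest.

    validate_environment_params() is the stricter variant that reports
    every offending key so the request can be rejected outright.
    """
    if not isinstance(params, dict):
        return {}
    return {
        k: v for k, v in params.items()
        if k in SAFE_BOOL_PARAMS and isinstance(v, bool)
    }


if __name__ == "__main__":
    # Constructed sample inputs: a benign parameter set and one that tries
    # to smuggle a dotted import path into the ``finalize`` hook.
    benign = {"trim_blocks": True, "lstrip_blocks": True}
    hostile = {"trim_blocks": True, "finalize": "subprocess.getoutput"}
    print("benign :", validate_environment_params(benign))
    print("hostile:", validate_environment_params(hostile))
    print("kept   :", sanitize_environment_params(hostile))
```

The design point is that the check is positive (what is allowed) rather than negative (what is banned): a denylist of `finalize` alone would miss the other hook parameters, and any future Jinja2 option that takes an object would be accepted by default.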

Impact

Exploitation of this vulnerability leads to remote code execution on the server, with the executed code running as the NetBox service user. In Docker deployments, this user has root group privileges, allowing access to sensitive data such as database credentials and session signing keys, as well as network access to backend services like PostgreSQL and Redis.

Reproduction

To reproduce this vulnerability, deploy a NetBox instance using the official Docker image. Create a low-privileged user with the necessary permissions to add and view export templates. After authenticating and obtaining an API token for this user, create an export template that includes a Jinja2 template code payload designed to execute a command via the finalize parameter. Once the template is created, trigger the rendering process, which will execute the injected command and return the output in the response.

Remediation

NetBox has released a patch for this vulnerability in version 4.5.5. Users should update to this version. Users running the Docker image should pull the updated image.

Added: May 4, 2026, 5:35 PM
Updated: May 4, 2026, 5:35 PM

Vulnerability Rating (Custom Algorithm)

spread: 4.5
impact: 10.0
exploitability: 6.2
remediation: 0.0
relevance: 7.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.