Cockpit Arbitrary Command Execution Vulnerability in System Logs UI

Vulnerability

A vulnerability in Cockpit's system logs user interface allows remote attackers to execute arbitrary commands on the host. This issue arises from unsanitized user-controlled parameters in crafted links, which can inject shell metacharacters and command substitutions. The vulnerability affects Red Hat Enterprise Linux versions 7, 8, 9, and 10, where Cockpit is installed and accessible. Exploitation could lead to a complete system compromise.

Impact

Successful exploitation allows for arbitrary command execution on the host, potentially leading to a complete system compromise.

Reproduction

The vulnerability can be reproduced by injecting shell metacharacters and command substitutions into the unsanitized user-controlled parameters of crafted links to the Cockpit system logs UI. A link that carries these elements, once opened in the affected Cockpit instance, causes the injected text to be executed as a shell command on the host.
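The Vulnerability and Reproduction sections describe the same root cause: a value taken from a link parameter reaches a shell without validation. The following added example (not Cockpit's code; every identifier and the `unit` query parameter are hypothetical) contrasts the vulnerable pattern with a defensive one: the value is checked against an allowlist and handed to the program as an argument array, so no shell ever parses it. The URL parsing also shows that percent-encoding in the link does not protect the consumer, because the decoded value is what reaches the command.

```javascript
// Added example, not part of the original advisory and not Cockpit's own code.
// Identifiers, the "unit" query parameter and the journalctl invocation are assumptions
// chosen to illustrate the vulnerability class (shell metacharacters and command
// substitution arriving through a crafted link parameter).

// Shell metacharacters and command-substitution syntax that must never reach a shell.
const SHELL_META = /[;&|`$(){}<>\\'"\n\r*?\[\]!~]/;

// Conservative allowlist for a log-filter value such as a systemd unit name.
const SAFE_FILTER = /^[A-Za-z0-9_.@:-]{1,128}$/;

// VULNERABLE pattern, shown for contrast only: the parameter is interpolated into a
// shell command string, so "sshd;id" or "$(id)" becomes part of the command line.
function buildShellStringUnsafe(filter) {
  return `journalctl -u ${filter}`;
}

// Hardened form: validate the value, then return an argv array. Passing an array to a
// process-spawning API (instead of a shell string) means metacharacters are inert.
function buildJournalctlArgs(filter) {
  if (typeof filter !== "string" || !SAFE_FILTER.test(filter) || SHELL_META.test(filter)) {
    throw new Error("rejected log filter value: " + JSON.stringify(filter));
  }
  return ["journalctl", "-u", filter];
}

// Pull the filter value out of a link such as .../system/logs?unit=sshd.service.
// URLSearchParams decodes percent-encoding, so "%24(id)" arrives here as "$(id)".
function filterFromLink(href) {
  const url = new URL(href, "https://cockpit.example.invalid/");
  return url.searchParams.get("unit");
}

// Returns a safe argv array for the link, or null if the link carries no filter.
// Throws if the filter fails validation, so a crafted link never reaches a shell.
function safeArgsFromLink(href) {
  const filter = filterFromLink(href);
  return filter === null ? null : buildJournalctlArgs(filter);
}

// Returns true when the value would be accepted by the hardened path, which is
// also a usable detection check for log-review tooling over captured request URLs.
function isSafeFilter(filter) {
  try {
    buildJournalctlArgs(filter);
    return true;
  } catch (e) {
    return false;
  }
}
```

A benign link yields an argv array such as `["journalctl", "-u", "sshd.service"]`, while a link whose parameter contains `;`, `$(`, backticks or a newline is rejected before any process is started. The allowlist is deliberately narrow; widening it is safer than adding a denylist, because the argv array already removes the shell from the picture and the allowlist only has to describe what a legitimate filter looks like.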

Added: May 11, 2026, 2:29 PM
Updated: May 11, 2026, 2:29 PM

Vulnerability Rating

Custom Algorithm

spread          5.7
impact          10.0
exploitability  7.2
remediation     7.9
relevance       8.0
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.