Cyber Resilience

CVE-2026-41179

Critical · Public PoC · RCE · Updated

Published: 23 April 2026
Modified: 30 June 2026
KEV Added: not listed
Patch: fixed in Rclone 1.73.5
CVSS v4 score: 9.2
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0838 (94.3rd percentile)
Risk priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-41179 is a critical-severity OS Command Injection (CWE-78) vulnerability in Rclone. Its CVSS base score is 9.2 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 5.7% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

Rclone is a command-line tool used to synchronize files with various cloud storage providers. CVE-2026-41179 affects the remote control (RC) interface in versions 1.48.0 through 1.73.4. The vulnerability stems from the `operations/fsinfo` endpoint being exposed without requiring authentication and accepting attacker-supplied `fs` parameters. Because `rc.GetFs` supports inline backend definitions, an unauthenticated caller can instantiate an arbitrary backend; when the WebDAV backend is selected, its `bearer_token_command` configuration is executed during initialization, resulting in unauthenticated local command execution.

An attacker with network access to a reachable Rclone RC deployment that lacks global HTTP authentication can send a single crafted request to `operations/fsinfo`. By supplying an inline WebDAV backend definition containing a malicious `bearer_token_command`, the attacker achieves arbitrary command execution on the host running Rclone. The issue is tracked under CWE-78 (OS command injection) and CWE-306 (missing authentication for critical function) and carries a CVSS 4.0 score of 9.2.

The vulnerability is fixed in Rclone 1.73.5. The patch, referenced in commit 2a9e952b38e03a96bf40c9eb6e8e22199865ee3b and the corresponding v1.73.5 release notes, enforces `AuthRequired` on the affected endpoint and prevents unauthenticated instantiation of attacker-controlled backends. The EPSS score rose from a low baseline to a peak of 0.0960 before settling at 0.0683, indicating measurable post-disclosure exploitation interest that warrants renewed attention for exposed deployments.
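To make the fix concrete, the following is an added model of the gate the patch relies on; it is not rclone's code. An RC method marked `AuthRequired` is served only when the listener has credentials configured and the request presented them, so the pre-1.73.5 registration (no `AuthRequired`) lets any caller that can reach the listener instantiate an inline backend, while the 1.73.5 registration refuses. The `Call`/`Server` types and field names are assumptions, the `--rc-user`/`--rc-pass` flags are rclone's real authentication options, and the inline `fs` value is constructed.

```go
package main

import "errors"

// Call models an rclone-style RC method registration: its path and whether
// only an authenticated caller may invoke it (assumed names, not rclone's code).
type Call struct {
	Path         string
	AuthRequired bool
}

// Server models an RC listener. AuthConfigured is true when the operator set
// credentials on it (in rclone, --rc-user/--rc-pass).
type Server struct {
	AuthConfigured bool
	Calls          map[string]Call
}

var (
	ErrAuthRequired = errors.New("authentication must be configured on the rc server for this method")
	ErrUnauthorized = errors.New("request did not authenticate")
)

// FsinfoServer registers operations/fsinfo the way versions before 1.73.5 did
// (authRequired=false) or the way 1.73.5 does (authRequired=true).
func FsinfoServer(authRequired, authConfigured bool) *Server {
	return &Server{AuthConfigured: authConfigured, Calls: map[string]Call{
		"operations/fsinfo": {Path: "operations/fsinfo", AuthRequired: authRequired},
	}}
}

// Dispatch is the gate that runs before the backend named by fs is created.
// Only AuthRequired methods are gated: with AuthRequired false, an inline
// definition such as ":webdav,...:" is instantiated for any caller that can
// reach the listener, which is the unauthenticated path described above.
func (s *Server) Dispatch(path string, authenticated bool, fs string) (string, error) {
	c, ok := s.Calls[path]
	if !ok {
		return "", errors.New("unknown rc method: " + path)
	}
	if c.AuthRequired {
		if !s.AuthConfigured {
			return "", ErrAuthRequired
		}
		if !authenticated {
			return "", ErrUnauthorized
		}
	}
	return "instantiated backend for " + fs, nil // real backend init would run here
}
```

The model also shows the operational half of the mitigation: marking the method `AuthRequired` only helps once the listener actually has credentials configured and the request carries them.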

Vulnerability details

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint `operations/fsinfo` is exposed without `AuthRequired: true` and accepts attacker-controlled `fs` input.

Because `rc.GetFs(...)` supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend, `bearer_token_command` is executed during backend initialization, making single-request unauthenticated local command execution possible on reachable RC deployments without global HTTP authentication. Version 1.73.5 patches the issue.

CWE(s): CWE-78 (OS Command Injection), CWE-306 (Missing Authentication for Critical Function)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability enables unauthenticated remote code execution via a crafted request to the exposed public-facing RC endpoint (`operations/fsinfo`) in Rclone, directly mapping to T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

- CVE-2026-41176: same product (Rclone)
- CVE-2026-34176: shared CWE-78
- CVE-2020-37125: shared CWE-78
- CVE-2025-58083: shared CWE-306
- CVE-2026-27446: shared CWE-306
- CVE-2025-3646: shared CWE-306
- CVE-2025-48703: shared CWE-78
- CVE-2025-64111: shared CWE-78
- CVE-2025-52665: shared CWE-306
- CVE-2026-26340: shared CWE-306

Affected Assets

Vendor: rclone
Product: rclone
Versions: 1.48.0 to 1.73.5 (fixed in 1.73.5)

Mitigating Controls (NIST 800-53 r5, AI)

- Prevent, AC-3 (Access Enforcement): Enforces authentication and authorization on the `operations/fsinfo` RC endpoint, directly blocking the unauthenticated attacker-controlled `fs` parameter that triggers backend instantiation.
- Prevent, SI-10 (Information Input Validation): Validates the attacker-supplied `fs` input and inline backend definition, preventing the malicious `bearer_token_command` that produces OS command execution during WebDAV initialization.
- Prevent: Restricts the privileges available to the RC service so that even an instantiated attacker backend cannot execute arbitrary local commands.
