Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-33154 is a high-severity Remote Code Execution (RCE) vulnerability in the Dynaconf Python package (versions up to 3.2.12). It arises from unsafe template evaluation in the @jinja resolver when the jinja2 package is installed. Dynaconf evaluates configuration values containing Jinja2 templates without sandboxing, allowing attackers to execute arbitrary operating system commands if they can influence configuration sources such as environment variables, .env files, container environments, or CI/CD secrets.'}, {'type': 'paragraph', 'content': "The vulnerability stems from Dynaconf's string resolvers lacking proper security boundaries. The @Jinja resolver renders templates using full Jinja2 evaluation without sandboxing, enabling attackers to access Python internal attributes and execute OS commands. Similarly, the @Format resolver uses Python string formatting on internal objects, allowing traversal of object graphs to access sensitive runtime objects and environment variables."}, {'type': 'paragraph', 'content': "For example, attackers can leverage the 'cycler' object to traverse Python globals, import the 'os' module, and execute commands via os.popen(). This can lead to arbitrary command execution on the host system."}] [1]

Useful 0 Not Useful 0

Impact Analysis

Successful exploitation of this vulnerability allows attackers to execute arbitrary operating system commands, access sensitive environment variables, and compromise application secrets such as API keys, database credentials, and service tokens.

Attackers can gain full control over the running application process, potentially leading to data breaches, service disruption, and unauthorized access to internal systems.

Since configuration values can originate from remote sources like CI/CD pipelines or container orchestration environments, this vulnerability can be exploited remotely, increasing the risk and impact.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking if your system is running Dynaconf versions prior to 3.2.13 and if the jinja2 package is installed, as these versions evaluate Jinja2 templates without sandboxing, allowing potential remote code execution.'}, {'type': 'paragraph', 'content': 'You can attempt to detect exploitation by injecting malicious environment variables or configuration values containing Jinja2 template expressions that execute simple commands like `id` to see if they are evaluated. For example, setting an environment variable such as `DYNACONF_RCE` with a payload that tries to execute `id` via Jinja2 template syntax and observing if the command output is returned or logged.'}, {'type': 'paragraph', 'content': 'Additionally, monitoring logs or application behavior for unexpected command execution or errors related to template rendering can help detect exploitation attempts.'}, {'type': 'paragraph', 'content': "Specific commands to test might include setting environment variables or configuration entries with payloads like: `{{ cycler.__init__.__globals__.os.popen('id').read() }}` and checking if the output is executed or returned."}] [1]

Useful 0 Not Useful 0

Mitigation Strategies

The immediate and recommended mitigation is to upgrade Dynaconf to version 3.2.13 or later, where this vulnerability has been patched.

If upgrading is not immediately possible, restrict or avoid using the @Jinja and @Format resolvers with untrusted input, especially avoiding configuration values that can be influenced by external or remote sources such as environment variables, .env files, container environments, or CI/CD secrets.

Implement sandboxing for Jinja2 template evaluation by using `jinja2.sandbox.SandboxedEnvironment` to prevent unsafe operations and arbitrary code execution.

Review and sanitize all configuration inputs to ensure they do not contain malicious template expressions.

Useful 0 Not Useful 0