CVE-2026-45626
Command Injection in Arcane Docker Management Interface
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| getarcaneapp | arcane | up to 1.18.1 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-45626 is an OS Command Injection vulnerability in the Arcane application's Volume Browser ListDirectory functionality. It occurs because the 'path' query parameter in the GET /environments/{id}/volumes/{volumeName}/browse endpoint is passed directly to a shell command inside an Arcane helper container without proper sanitization.
Although the path sanitizer blocks directory traversal sequences like "../", it does not remove Bourne-shell metacharacters such as $(), backticks, ;, &, |, or >. Additionally, the strconv.Quote function only escapes Go string metacharacters and does not prevent shell substitution sequences, allowing an attacker to inject arbitrary shell commands.
Any authenticated user with access to a browseable volume can exploit this to execute arbitrary commands inside the helper container. The output of these commands is reflected back in HTTP 500 error responses.
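The two points above, that strconv.Quote does not neutralise sh substitution and that the fix is to stop handing the path to a shell at all, as an added Go example that is not Arcane's code; it assumes a hypothetical helper container with the volume mounted at /volume and an ls-based directory listing:

```go
package main
import (
	"errors"
	"fmt"
	"os/exec"
	"path"
	"strconv"
	"strings"
)

// Constructed example for this advisory, not Arcane's code; it assumes the
// browsed volume is mounted at /volume inside the helper container.
const volumeRoot = "/volume"

// unsafeShellLine mirrors the vulnerable pattern: the caller-supplied path is
// quoted with strconv.Quote and spliced into a sh command line. Quote escapes
// Go string syntax only; sh still expands $() and backticks inside "...".
func unsafeShellLine(userPath string) string {
	return "ls -la " + strconv.Quote(userPath)
}

// validateVolumePath rejects traversal and shell metacharacters (defence in
// depth) and returns the absolute path under volumeRoot the request maps to.
func validateVolumePath(userPath string) (string, error) {
	if strings.Contains(userPath, "..") {
		return "", errors.New("path traversal rejected")
	}
	if strings.ContainsAny(userPath, "$`;&|<>(){}*?[]~!\\\"'\n\r") {
		return "", fmt.Errorf("shell metacharacter in path %q", userPath)
	}
	return path.Join(volumeRoot, path.Clean("/"+userPath)), nil
}

// safeListCommand is the primary fix: an argv vector with no shell, so the
// path stays one argument whatever it contains. The same construction in the
// DELETE handler, refusing a result equal to volumeRoot, covers rm -rf /volume.
func safeListCommand(userPath string) (*exec.Cmd, error) {
	full, err := validateVolumePath(userPath)
	if err != nil {
		return nil, err
	}
	return exec.Command("ls", "-la", "--", full), nil
}

func main() {
	fmt.Println(unsafeShellLine("$(id)")) // ls -la "$(id)": sh would run id
	cmd, _ := safeListCommand("data/logs")
	fmt.Println(cmd.Args) // [ls -la -- /volume/data/logs]
}
```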
How can this vulnerability impact me?
This vulnerability allows an authenticated user to execute arbitrary commands inside the Arcane helper container, potentially leading to unauthorized actions within that container.
Although the helper container is isolated with network disabled, no privileged mode, and read-only volume mounts, limiting the impact, attackers can bypass API restrictions such as symlink censorship and file size limits.
Attackers can also exfiltrate data via error messages returned by the server. Additionally, a secondary issue allows a destructive command (rm -rf /volume) to be triggered via the DELETE endpoint with a specific path parameter.
Overall, the vulnerability has moderate severity (CVSS 6.3) and can impact confidentiality, integrity, and availability within the scope of the helper container.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to exploit the command injection via the GET /environments/{id}/volumes/{volumeName}/browse endpoint with crafted path query parameters containing Bourne-shell metacharacters such as $() or backticks.
If the system is vulnerable, executing such requests as an authenticated user may cause the helper container to execute arbitrary commands, with the command output reflected in HTTP 500 error responses.
A detection approach could involve sending a request with a path parameter designed to execute a harmless command, for example:
- curl -i -H "Authorization: Bearer <token>" "https://<arcane-host>/environments/<id>/volumes/<volumeName>/browse?path=$(id)"
If the response contains output from the 'id' command inside the error body, it indicates the vulnerability is present.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Arcane to a version later than 1.18.1 where this vulnerability is fixed.
If upgrading is not immediately possible, restrict access to the Arcane API to trusted users only, as the vulnerability requires authenticated access.
Additionally, monitor and audit API usage for suspicious requests containing shell metacharacters in the path parameter.
Consider disabling or limiting the use of the Volume Browser functionality until a patch is applied.