
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An atta…

Published:

6 April 2026 at 22:00:00

Alert date:

7 April 2026 at 18:06:01

Source:

nvd.nist.gov


Web Technologies, Operating Systems

Critical vulnerability in Cockpit's remote login feature allows command injection through unsanitized hostnames and usernames. Attackers with network access can exploit this via a single HTTP request to achieve code execution without valid credentials. The injection occurs during authentication flow before credential verification, making it exploitable without authentication. The vulnerability affects the SSH client integration in Cockpit's web interface.
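A defensive sketch of the missing control, added here as an example and not taken from the advisory or from Cockpit's code: validate both fields against an allow-list before they reach the SSH client, then pass them as separate argv elements with no shell. The function names and the exact character policy are assumptions; the advisory does not describe the fix.

```python
import ipaddress
import re

# Assumed policy (not from the advisory): conservative allow-lists for both fields.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")   # one DNS label, no edge hyphen
_USER = re.compile(r"[A-Za-z_][A-Za-z0-9_.-]{0,31}")    # cannot start with '-'


def valid_host(host: str) -> bool:
    """Accept an IP literal or an RFC 1123-style hostname, nothing else."""
    if not host or len(host) > 253:
        return False
    if "%" not in host:  # IPv6 zone ids are free-form text, so refuse them
        try:
            ipaddress.ip_address(host)
            return True
        except ValueError:
            pass
    return all(_LABEL.fullmatch(label) for label in host.split("."))


def valid_user(user: str) -> bool:
    """Accept a short POSIX-style login name only."""
    return _USER.fullmatch(user) is not None


def build_ssh_argv(user: str, host: str) -> list[str]:
    """Return an argv list for ssh, or raise ValueError on rejected input."""
    if not valid_user(user):
        raise ValueError("rejected username")
    if not valid_host(host):
        raise ValueError("rejected hostname")
    # "--" ends option parsing; the list is meant for exec without a shell.
    return ["ssh", "-l", user, "--", host]


if __name__ == "__main__":
    # Constructed sample inputs, not values from the advisory.
    samples = [("admin", "server1.example.com"), ("admin", "-x"), ("a b", "192.0.2.10")]
    for user, host in samples:
        try:
            print(build_ssh_argv(user, host))
        except ValueError as err:
            print(f"{user!r}@{host!r}: {err}")
```

Validation has to run before the authentication flow starts the SSH client, since the advisory places the injection ahead of credential verification.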

Technical details

Mitigation steps:

Affected products:

Cockpit

Related links:

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
