Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Published: 2026-01-22
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The flaw allows an authenticated user to run arbitrary system commands on the host by embedding shell metacharacters into a backup filename. During upload the BackupManager stores the file using the original name without sanitization. When a restore request later references that file, the host interprets the special characters and executes them, giving the attacker control over the server.

Affected Systems

This vulnerability affects runtipi runtipi versions 3.7.0 and newer. The issue was fixed in release 4.7.0, which includes proper validation of backup filenames before storage and restoration.

Risk and Exploitability

The severity is high with a CVSS score of 8.1, but the current EPSS score is below 1% indicating a very low probability of exploitation in the wild. The vulnerability does not yet appear in the CISA KEV catalog. Exploitation requires the attacker to have authenticated access to the application and to trigger a backup upload followed by a restore operation. The attack vector is therefore likely a trusted environment or an internal network where legitimate users or compromised accounts can interact with the backup feature.

Generated by OpenCVE AI on April 18, 2026 at 03:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update runs to runtipi v4.7.0 or later, where backup filenames are properly sanitized.
  • If immediate update is not possible, restrict or remove access to the backup upload and restore endpoints for all users while remediation is pending.
  • Alternatively, disable the container’s write permissions to the host filesystem or move backup storage to a non‑executable location to limit the impact of any residual injection.

Generated by OpenCVE AI on April 18, 2026 at 03:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 26 Feb 2026 21:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:runtipi:runtipi:*:*:*:*:*:*:*:*

Fri, 23 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Runtipi
Runtipi runtipi
Vendors & Products Runtipi
Runtipi runtipi

Thu, 22 Jan 2026 23:00:00 +0000

Type Values Removed Values Added
Description Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Title Runtipi is Vulnerable to Authenticated Arbitrary Remote Code Execution
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Runtipi Runtipi
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-23T20:05:30.478Z

Reserved: 2026-01-21T18:38:22.474Z

Link: CVE-2026-24129

cve-icon Vulnrichment

Updated: 2026-01-23T20:05:26.084Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-22T23:15:58.303

Modified: 2026-02-26T21:38:33.640

Link: CVE-2026-24129

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T03:30:25Z

Weaknesses