AI description
CVE-2026-4408 describes a flaw in Samba affecting Samba file servers and classic domain controllers that use the "check password script" feature. The vulnerability arises when this script is configured with the `%u` substitution, which passes the client-controlled username to the script without escaping shell meta-characters; a remote attacker can use this to achieve remote command execution on the affected system. The issue primarily affects non-standard configurations where the "check password script" is used with `%u` and the `samba-dcerpcd` service is running as a system service.
- Description: A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the `%u` substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with `%u` and the `samba-dcerpcd` service is started as a system service.
- Source: secalert@redhat.com
- NVD status: Undergoing Analysis
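The check a practitioner wants after reading the description above is whether their own smb.conf carries the affected pattern. The following audit script is added here as an example and is not code from Samba or from the advisory; the smb.conf fragments, script paths and the function names are constructed for it. It flags the `%u` substitution named in the description and, as a conservative extension, the related session-username substitution `%U`.

```python
import re
from typing import Dict, List

# Constructed sample smb.conf fragments (not from the advisory): one affected, one safe.
AFFECTED_CONF = """
[global]
    workgroup = EXAMPLE
    security = user
    ; the client-chosen username is substituted unescaped into a shell command line
    check password script = /usr/local/sbin/pwcheck.sh %u

[homes]
    browseable = no
"""

SAFE_CONF = """
[global]
    workgroup = EXAMPLE
    # no username substitution; the script receives the password on stdin
    check password script = /usr/local/sbin/pwcheck.sh
"""

# %u is the substitution named in CVE-2026-4408; %U (session username) is flagged
# as well, as a conservative extension, since it also expands to client-chosen input.
USERNAME_SUBST = re.compile(r"%[uU]")

def parse_smb_conf(text: str) -> Dict[str, Dict[str, str]]:
    """Minimal smb.conf parser: [section] headers and 'key = value' lines.
    Comments start with '#' or ';'. Samba treats parameter names case-insensitively
    and ignores whitespace inside them, so keys are normalised the same way."""
    sections: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, _, value = line.partition("=")
        sections[current][re.sub(r"\s+", "", key).lower()] = value.strip()
    return sections

def audit_check_password_script(text: str) -> List[str]:
    """Return findings; an empty list means the CVE-2026-4408 pattern is absent."""
    script = parse_smb_conf(text).get("global", {}).get("checkpasswordscript")
    if script and USERNAME_SUBST.search(script):
        return [f"check password script uses a username substitution: {script!r}"]
    return []

if __name__ == "__main__":
    for name, conf in (("affected", AFFECTED_CONF), ("safe", SAFE_CONF)):
        print(name, audit_check_password_script(conf) or "no username substitution found")
```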
CVSS 3.1
- Type: Secondary
- Base score: 9
- Impact score: 6
- Exploitability score: 2.2
- Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- CWE (secalert@redhat.com): CWE-78 (OS command injection)
- Hype score: Not currently trending
⚠️ Vulnerabilities in Samba products ❗ CVE-2026-4480 ❗ CVE-2026-4408 ❗ CVE-2026-3012 ➡️ More info: https://t.co/B1yfTtTuWW https://t.co/tDy1a4OFXL
@CERTpy, 3 Jun 2026
70 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
Two critical vulnerabilities in Samba: CVE-2026-4408 and CVE-2026-4480 | セキュリティ対策Lab https://t.co/xX9BTAA1fc "Two unauthenticated remote code execution vulnerabilities rated CVSS 10.0. CVE-2026-4480 is in Samba's print subsystem, CVE-2026-4408
@catnap707, 2 Jun 2026
168 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
Two critical vulnerabilities in Samba: CVE-2026-4408 and CVE-2026-4480 https://t.co/MChVczM4fZ #セキュリティ対策Lab #security #securitynews
@securityLab_jp, 2 Jun 2026
110 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
Samba has fixed two vulnerabilities with a CVSS score of 10: CVE-2026-4480 in the print subsystem and CVE-2026-4408 in password verification. Several other vulnerabilities, including two of high severity, have also been fixed. https://t.co/Zf5ERcKYKr
@__kokumoto, 29 May 2026
809 impressions, 0 retweets, 7 likes, 2 bookmarks, 0 replies, 0 quotes
Recent critical CVEs (e.g., CVE-2026-4408, CVE-2026-32999) with active exploits threaten network security, risking data privacy and integrity in transit. Immediate patching is vital. #Cybersecurity #ZeroDay #News
@YourAnon_irc, 28 May 2026
45 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
🚨 CVE-2026-4408 — CVSS 9/10 █████████░ A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain... Severity: CRITICAL Patch now. #cybersecurity #CVE https://t.co/x9FSEWChoK
@OrizonCyber, 28 May 2026
88 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes
Warning: #Samba has released a security bulletin covering six #CVEs including #CVE-2026-4480 (CVSS:10.0) and #CVE-2026-4408 (CVSS:10.0). Both lead to Remote Code Execution #RCE. Find out more at https://t.co/8k3sdo9b6e #Patch #Patch #Patch
@CCBalert, 27 May 2026
220 impressions, 2 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes