CVE-2026-49980 | Severity: CRITICAL | CNA: GitHub_M

CVE-2026-49980: Rclone: Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation, bypassing CVE-2026-41179 fix

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /[remote:path]/object. The remote value is parsed from the URL and passed to normal backend initialization. Inline remote configuration can set backend options that execute local commands during initialization. As a result, a single unauthenticated GET or HEAD request can execute a command as the rclone process user. This vulnerability is fixed in 1.74.3.

Metrics

CVSS v3.1: 9.8
Severity: CRITICAL
Fixed in: (not listed on this record)
Affected Products: 1


HarborGuard Analysis

Synopsis

This is an unauthenticated remote command execution vulnerability in Rclone's rcd HTTP daemon (versions from 1.46.0 up to, but not including, 1.74.3). When the daemon is started with --rc-serve, it accepts GET and HEAD requests at paths that encode a remote backend specification inline in the URL; because the backend is initialized from that attacker-controlled string without any authentication check, an attacker can pass backend options that trigger local command execution as the rclone process user. Successful exploitation gives the attacker full code execution on the host running rclone, with no credentials required. No fix version is currently published; HarborGuard tracks the advisory for patch availability.

HarborGuard Coverage

Detection (status: Available)

Detection of CVE-2026-49980 is available across every HarborGuard environment: the CVE is ingested from upstream feeds (NVD, GitHub Advisory Database, and CNA feeds) within minutes of publication and matched against all customer images, including custom-built images that bundle the rclone binary directly. Any image containing rclone in the affected version range (1.46.0 to below 1.74.3) is flagged immediately.

Triage (status: Available)

Triage is available using the CVSS v3.1 base score of 9.8 (Critical), applied against each environment's compliance policy weighting to prioritize alerting. Findings are routed to the appropriate team inbox within each customer organization based on configured ownership rules for the affected image or workload.

Patch (status: Pending upstream)

Because no upstream fix version has been published yet, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment the upstream fix is released. In the interim, HarborGuard surfaces compensating-control recommendations (described below) to help customers reduce exposure until a patch is available.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the rclone rcd HTTP daemon over the network; the service is exposed on a TCP port and can be targeted from any network-accessible host.

  • Authentication: Not required

    No credentials or session token are needed; the vulnerable request path accepts unauthenticated GET and HEAD requests.

  • Victim interaction: Not required

    The attacker sends a single crafted HTTP request with no user interaction required on the part of any operator or end user.

  • Attack complexity: Low (AC:L in the CVSS vector)

    The exploit is reliable and condition-free; no race conditions, memory layout knowledge, or environmental prerequisites are needed beyond network access to the daemon.
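Two defender-side checks that follow from the Detection section and the exploit conditions above, as an added example (not HarborGuard or rclone code): a version-range test for the advisory's affected range and a scan of access-log lines for GET/HEAD requests whose path carries the `/[remote:path]/object` shape. It assumes version strings like the first line of `rclone version` ("rclone v1.74.2") and combined-format access logs; all sample inputs are constructed.

```python
"""Defensive checks for CVE-2026-49980 (rclone rcd --rc-serve inline remote paths)."""
import re

AFFECTED_MIN = (1, 46, 0)   # first affected release per the advisory
FIXED_IN = (1, 74, 3)       # first fixed release (exclusive upper bound)


def parse_version(text: str) -> tuple:
    """Extract MAJOR.MINOR.PATCH from strings such as 'rclone v1.74.2' or '1.74.3-DEV'."""
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(text: str) -> bool:
    """True when the version lies in the advisory range >= 1.46.0, < 1.74.3."""
    return AFFECTED_MIN <= parse_version(text) < FIXED_IN


# The vulnerable route is /[remote:path]/object: a bracketed segment containing ':'
# immediately after the leading slash is the signature to alert on.
INLINE_REMOTE = re.compile(r"^/\[[^\]]*:[^\]]*\]/")
# Request line inside a combined-format log entry: "METHOD PATH HTTP/x.y"
REQUEST = re.compile(r'"(?P<method>GET|HEAD|POST|PUT|DELETE)\s+(?P<path>\S+)')


def suspicious_requests(log_lines):
    """Return (method, path) for each GET/HEAD hit on an inline-remote path."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if m and m["method"] in ("GET", "HEAD") and INLINE_REMOTE.match(m["path"]):
            hits.append((m["method"], m["path"]))
    return hits


# Constructed sample log lines (hypothetical traffic to an rcd port, not real data).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2026:00:00:00 +0000] "GET /[myremote:data]/report.csv HTTP/1.1" 200 12',
    '10.0.0.5 - - [01/Jan/2026:00:00:01 +0000] "HEAD /[:example,opt=v:x]/o HTTP/1.1" 200 0',
    '10.0.0.6 - - [01/Jan/2026:00:00:02 +0000] "POST /rc/noop HTTP/1.1" 200 2',
    '10.0.0.6 - - [01/Jan/2026:00:00:03 +0000] "GET /myremote:bucket/file.txt HTTP/1.1" 404 9',
]

if __name__ == "__main__":
    print("affected:", is_affected("rclone v1.74.2"))   # True
    print("hits:", suspicious_requests(SAMPLE_LOG))      # the two bracketed GET/HEAD paths
```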

Blast Radius

  • The attacker executes arbitrary operating system commands as the user account running the rclone process, gaining a foothold on the host.
  • Any files, cloud credentials, or secrets readable by the rclone process user are exposed to the attacker.
  • The attacker can write or delete files accessible to the rclone process, including any cloud storage paths that rclone has configured credentials for.
  • The rclone process and any dependent services can be crashed or disrupted by the attacker at will.

How HarborGuard Handles This

Available on HarborGuard: every image containing rclone 1.46.0 or later (up to the patched version once published) is continuously matched against this advisory. Because no upstream fix exists yet, HarborGuard will surface the finding at Critical severity in each affected environment and route it per each organization's compliance policy.

As compensating controls, teams running rclone rcd should consider applying network policy to restrict inbound access to the rcd port to known-trusted CIDR ranges only, enabling rclone's own --rc-user and --rc-pass authentication flags as an interim mitigation, and isolating the rclone container so it cannot access host credential stores or sensitive mounts.

For customers who opt into auto-remediation, a patched-image rebuild and regression run will be triggered automatically the moment an upstream fix version is published, with a PR opened against affected workloads. HarborGuard will re-check the advisory each ingest cycle so no manual monitoring is required.

Affected packages

  • rclone / rclone: >= 1.46.0, < 1.74.3

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H