CVE-2026-29514
Published 2026-05-04
Priority: P2 63 · CVSS 3.1 base score 8.8 (high)
CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.78% (51.4th percentile)
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python callables in the environment_params field. Attackers can bypass Jinja2 SandboxedEnvironment protections by setting the finalize parameter to any importable Python callable such as subprocess.getoutput, which is invoked on every rendered expression outside the sandbox's call interception mechanism, achieving remote code execution as the NetBox service user.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netbox-community | netbox | 4.3.5 – 4.5.4 | — |
Detection & IOCs (extracted from sources)
- Look for HTTP requests to NetBox export/config template endpoints where the `environment_params` field contains a `finalize` key referencing an importable Python callable (e.g., `subprocess.getoutput`).
- Monitor NetBox application logs for authenticated requests from users holding `exporttemplate` or `configtemplate` permissions that include `environment_params` in POST body payloads.
- Audit calls to `RenderTemplateMixin.get_environment_params()` in NetBox source/runtime for unexpected `finalize` values pointing to OS-level callables such as `subprocess.getoutput`, `os.system`, or `os.popen`.
- Alert on the NetBox process spawning unexpected child processes (e.g., shell commands) as the NetBox service user, which would indicate successful exploitation via the finalize callable injection.
- The vulnerability affects only NetBox versions 4.3.5 through 4.5.4; instances outside this range are not affected.
- Exploitation requires authentication AND the attacker's account must hold `exporttemplate` or `configtemplate` permissions; unauthenticated or low-privilege users cannot trigger this vulnerability.
- The Jinja2 SandboxedEnvironment is bypassed specifically via the `finalize` parameter mechanism, meaning sandbox-based detections alone are insufficient to catch exploitation.
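The detection notes above suggest two controls: an allowlist on the keys and values accepted in `environment_params`, and a scan of request logs for template endpoints carrying a `finalize`-style callable reference. The following is an added example written for this page, not NetBox's own code or the fix in the linked commit; the allowlist of plain-value Jinja2 options, the set of callable-taking parameters, the log line format and the sample log lines are all constructed assumptions for illustration.

```python
"""Defensive validation and log triage for template environment_params.

Added example (not NetBox code). Assumptions, all hypothetical:
  * environment_params arrives as a JSON object on a template create/update.
  * Only Jinja2 Environment options that take plain scalar values are allowed.
  * Any string value shaped like a dotted import path is treated as suspicious.
  * Log lines have the constructed shape "<user> <method> <path> <json body>".
"""
import json
import re

# Constructed allowlist: Jinja2 Environment options that take bools/strings only.
SAFE_ENV_PARAMS = frozenset({
    "trim_blocks", "lstrip_blocks", "keep_trailing_newline", "autoescape",
    "block_start_string", "block_end_string", "variable_start_string",
    "variable_end_string", "comment_start_string", "comment_end_string",
    "line_statement_prefix", "line_comment_prefix", "newline_sequence",
})

# Parameters that accept callables or alter what code runs. These are invoked
# outside the sandbox's call interception, so they are rejected outright.
CALLABLE_PARAMS = frozenset({
    "finalize", "undefined", "loader", "extensions", "bytecode_cache",
})

# A value such as "subprocess.getoutput" or "os.system" matches this shape.
DOTTED_PATH = re.compile(r"^[A-Za-z_]\w*(?:\.[A-Za-z_]\w*)+$")


def validate_environment_params(params):
    """Return (ok, reasons). ok is False when any key is off the allowlist,
    names a callable-taking option, or carries an import-path-like value."""
    if not isinstance(params, dict):
        return False, ["environment_params must be a JSON object"]
    reasons = []
    for key, value in params.items():
        if key in CALLABLE_PARAMS:
            reasons.append(f"{key}: callable-taking parameter is not permitted")
        elif key not in SAFE_ENV_PARAMS:
            reasons.append(f"{key}: not on the allowlist")
        if isinstance(value, str) and DOTTED_PATH.match(value):
            reasons.append(f"{key}: value {value!r} looks like an importable path")
        elif not isinstance(value, (str, bool, int)):
            reasons.append(f"{key}: non-scalar value")
    return (not reasons), reasons


# Constructed sample log lines for the triage function below.
SAMPLE_LOG = [
    'alice POST /api/extras/export-templates/ '
    '{"name":"ok","environment_params":{"trim_blocks":true}}',
    'bob POST /api/extras/export-templates/ '
    '{"name":"x","environment_params":{"finalize":"subprocess.getoutput"}}',
    'carol POST /api/extras/config-templates/ '
    '{"name":"y","environment_params":{"autoescape":"os.system"}}',
    'dave GET /api/extras/export-templates/ {}',
]

LOG_RE = re.compile(r"^(?P<user>\S+) (?P<method>\S+) (?P<path>\S+) (?P<body>.*)$")


def scan_log(lines):
    """Return [(user, reasons)] for POSTs to template endpoints whose
    environment_params fail validation. Malformed bodies are skipped."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("method") != "POST":
            continue
        if "template" not in m.group("path"):
            continue
        try:
            body = json.loads(m.group("body"))
        except json.JSONDecodeError:
            continue
        params = body.get("environment_params")
        if params is None:
            continue
        ok, reasons = validate_environment_params(params)
        if not ok:
            findings.append((m.group("user"), reasons))
    return findings


if __name__ == "__main__":
    for user, reasons in scan_log(SAMPLE_LOG):
        print(user, "->", "; ".join(reasons))
```

The validator rejects on the key (`finalize` is never accepted, whatever its value) and independently on the value shape, so a dotted path smuggled under an otherwise allowed key such as `autoescape` is still flagged. The log scanner only reports findings; how to act on them (alert, block, review the account's `exporttemplate`/`configtemplate` permissions) is a policy decision for the deployment.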
CVSS provenance
- NVD, CVSS v3.1: 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- NVD, CVSS v4.0: 8.7 HIGH, CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
VulDB (2026-05-04, CVSS 8.7)
CVE-2026-29514 [HIGH] NetBox up to 4.5.4 RenderTemplateMixin.get_environment_params finalize permissive list of allowed inputs (EUVD-2026-26997)
A vulnerability identified as critical has been detected in NetBox up to 4.5.4. This impacts the function RenderTemplateMixin.get_environment_params. This manipulation of the argument finalize causes a permissive list of allowed inputs.
This vulnerability is registered as CVE-2026-29514. Remote exploitation of the attack is possible. No exploit is available.
GHSA (ghsa_unreviewed, 2026-05-04)
CVE-2026-29514 [HIGH] CWE-183 GHSA-f249-4qx6-hg68: NetBox versions 4
No detection rules found.
No public exploits indexed.
References
- https://chocapikk.com/posts/2026/netbox-export-template-rce/
- https://github.com/netbox-community/netbox/commit/d124c5fe86e12aad61285133c0caf16adcda8f2e
- https://github.com/netbox-community/netbox/issues/22079
- https://github.com/netbox-community/netbox/pull/22078
- https://github.com/netbox-community/netbox/pull/22170
- https://github.com/netbox-community/netbox/releases/tag/v4.6.1
- https://www.vulncheck.com/advisories/netbox-rce-via-rendertemplatemixin