CVE-2026-43617
4.8 MEDIUMRsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enfo...
Published: 2026-05-20 · Last updated: 2026-05-21
Severity and scoring
- CVSS
- 4.8 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
- CWE
- CWE-289
Affected products
| Vendor | Product |
|---|---|
| samba | rsync |
Description
Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing connections from hostnames that administrators intended to deny when reverse DNS resolution fails and defaults to UNKNOWN.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-43617
- [Other]https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
- [Vendor advisory]https://github.com/RsyncProject/rsync/security/advisories/GHSA-rjfm-3w2m-jf4f
- [Other]https://www.vulncheck.com/advisories/rsync-authorization-bypass-via-hostname-resolution
Related CVEs
Same vendor
- CVE-2026-4408 — A flaw was found in Samba (9.0 CRITICAL)
- CVE-2026-2340 — A flaw was found in Samba’s vfs_worm module (6.5 MEDIUM)
- CVE-2026-1933 — A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes (7.1 HIGH)
- CVE-2026-3012 — A flaw was found in Samba’s certificate auto-enrollment Group Policy handling (8.0 HIGH)
- CVE-2026-4480 — A flaw was found in the Samba printing subsystem (9.0 CRITICAL)
Same CWE
- CVE-2026-50627 — The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) claims of incoming JWT access tokens
- CVE-2023-1803 — Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue ... (9.8 CRITICAL)