Platform: rust
Component: theshit
Fixed in: 0.2.1, 0.2.0
CVE-2026-21882 describes a local privilege escalation vulnerability in theshit. The flaw allows an attacker to execute arbitrary commands with root privileges because privileges are not handled correctly during command re-execution. It affects versions prior to 0.2.0; a fix is available in version 0.2.0.
The vulnerability stems from the application's behavior of automatically re-executing previously failed commands without properly dropping elevated privileges. When theshit is launched with elevated privileges (e.g., using sudo), it records the last executed command. Upon subsequent execution, the application attempts to rerun this command, but fails to restore the original user context. Consequently, the re-executed command runs with root privileges, enabling an attacker to gain unauthorized access and control over the system. This could lead to complete system compromise, data exfiltration, and further malicious activities. The potential blast radius is significant, as any user with the ability to execute commands with the application can potentially trigger this escalation.
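The core defect described above is re-executing a recorded command without first returning to the invoking user's identity. The following is an added illustration, not code from the theshit project: it contrasts the vulnerable "inherit whatever we are" pattern with a hardened variant that, when running as root under sudo, recovers the caller's uid/gid from sudo's SUDO_UID/SUDO_GID variables and refuses to re-execute if they are missing. The names (`Identity`, `RerunPlan`, `plan_rerun_dropping`) and the convention of passing the effective uid and environment in explicitly are assumptions made so the decision logic can be tested without a real sudo session.

```rust
use std::env;
#[cfg(unix)]
use std::os::unix::process::CommandExt;
use std::process::Command;

/// The user a re-executed command should run as.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Identity {
    pub uid: u32,
    pub gid: u32,
}

/// Recover the invoking user's identity from sudo's environment.
/// sudo exports SUDO_UID and SUDO_GID; both must be present and numeric.
/// Takes an explicit variable list so the logic is testable offline.
pub fn invoking_user(vars: &[(&str, &str)]) -> Option<Identity> {
    let lookup = |key: &str| vars.iter().find(|(k, _)| *k == key).map(|(_, v)| *v);
    let uid = lookup("SUDO_UID")?.parse().ok()?;
    let gid = lookup("SUDO_GID")?.parse().ok()?;
    Some(Identity { uid, gid })
}

/// How a recorded command will be re-executed.
#[derive(Debug, PartialEq, Eq)]
pub struct RerunPlan {
    pub program: String,
    pub args: Vec<String>,
    /// `None` means "inherit the current privileges" (the vulnerable behaviour when root).
    pub run_as: Option<Identity>,
}

/// Vulnerable pattern (illustrative): re-run the recorded command with whatever
/// privileges the tool currently holds. Launched via sudo, that is root.
pub fn plan_rerun_inheriting(program: &str, args: &[&str]) -> RerunPlan {
    RerunPlan {
        program: program.to_string(),
        args: args.iter().map(|a| a.to_string()).collect(),
        run_as: None,
    }
}

/// Hardened pattern: if the effective uid is root, only re-run after resolving the
/// invoking user; otherwise refuse rather than silently run the command as root.
/// `effective_uid` is passed in (assumption) so the decision is testable; in real
/// use it comes from the OS.
pub fn plan_rerun_dropping(
    program: &str,
    args: &[&str],
    effective_uid: u32,
    vars: &[(&str, &str)],
) -> Result<RerunPlan, String> {
    let run_as = if effective_uid == 0 {
        Some(invoking_user(vars).ok_or(
            "running as root but SUDO_UID/SUDO_GID are unset; refusing to re-execute",
        )?)
    } else {
        None
    };
    Ok(RerunPlan {
        program: program.to_string(),
        args: args.iter().map(|a| a.to_string()).collect(),
        run_as,
    })
}

impl RerunPlan {
    /// Build the std::process::Command. On Unix, std applies setgid before setuid
    /// in the child, so once the uid is dropped the change cannot be undone.
    pub fn into_command(self) -> Command {
        let mut cmd = Command::new(&self.program);
        cmd.args(&self.args);
        #[cfg(unix)]
        if let Some(id) = self.run_as {
            cmd.gid(id.gid).uid(id.uid);
        }
        cmd
    }
}

fn main() {
    // Demo with the real environment: whether SUDO_UID/SUDO_GID are present
    // decides if a root re-execution would be permitted at all.
    let vars: Vec<(String, String)> = env::vars().collect();
    let refs: Vec<(&str, &str)> = vars.iter().map(|(k, v)| (k.as_str(), v.as_str())).collect();
    match plan_rerun_dropping("true", &[], 0, &refs) {
        Ok(plan) => println!("would re-execute as {:?}", plan.run_as),
        Err(e) => println!("refused: {e}"),
    }
}
```

The point of the refusal branch is the failure mode the advisory describes: a tool that finds itself root with no record of who invoked it has no safe identity to return to, so not re-executing is the only correct choice.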
CVE-2026-21882 was publicly disclosed on 2026-03-02. Its severity is rated HIGH with a CVSS score of 8.4. There is currently no indication of active exploitation or of a listing on CISA KEV. Public proof-of-concept (PoC) code is not yet available, but the nature of the vulnerability suggests that a relatively straightforward exploit could be developed.
Systems where theshit is deployed and executed with elevated privileges (e.g., using sudo) are at significant risk. This includes development environments, automated build systems, and production servers where theshit is used for administrative tasks. Users who have configured theshit to run with root privileges are particularly vulnerable.
• rust / server: `ps aux | grep theshit`
• rust / supply-chain: `find / -name 'theshit' -type f -print`
• generic web: `curl -I http://localhost/theshit`
Disclosure
Exploit status
EPSS: 0.02% (4th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2026-21882 is to upgrade to version 0.2.0 or later, which addresses the privilege escalation issue. If an immediate upgrade is not feasible, consider implementing temporary workarounds. Restricting the use of sudo or other privilege escalation mechanisms when running theshit can reduce the attack surface. Carefully review and audit any scripts or commands executed by the application to identify potential vulnerabilities. Monitor system logs for suspicious activity related to command execution and privilege changes. After upgrading, confirm the fix by attempting to re-execute a previously failed command with elevated privileges; the command should now execute with the original user's permissions.
Update the theshit utility to version 0.2.0 or later. This fixes the local privilege escalation vulnerability caused by incorrect privilege dropping during command re-execution.
CVE-2026-21882 is a local privilege escalation vulnerability in theshit that allows attackers to gain root access by exploiting improper privilege handling during command re-execution.
You are affected if you are using theshit versions prior to 0.2.0 and the application is executed with elevated privileges.
Upgrade to version 0.2.0 or later to remediate the vulnerability. If immediate upgrade is not possible, restrict sudo usage and implement strict input validation.
Currently, there is no confirmed active exploitation of CVE-2026-21882, but it is recommended to patch promptly due to its potential impact.
Refer to the official theshit project's website or repository for the advisory related to CVE-2026-21882.