Platform
windows
Component
sonarr
Fixed in
4.0.17.2950
CVE-2026-30976 describes a path traversal vulnerability in Sonarr, a PVR (Personal Video Recorder) application. It allows an unauthenticated remote attacker to read any file accessible to the Sonarr process. The issue affects Sonarr versions from 4.0 up to, but not including, 4.0.17.2950, which is the version that patches it.
The impact is significant because of the potential for unauthorized access to sensitive information. An attacker could read application configuration files, which typically contain API keys and database credentials; with those, the attacker could take complete control of the Sonarr instance and potentially reach the underlying database. The attacker could also read Windows system files and any other file on the same drive as the Sonarr installation that the Sonarr account can access, widening the scope of the breach. The flaw is a reminder that file paths built from untrusted input must be validated and confined to the intended directory before they are used.
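To make the vulnerability class concrete, the following is an added Python example (not Sonarr's own code, which is C#, and not taken from the advisory) that shows the vulnerable join-and-normalise pattern next to the hardened containment check that a fix of this kind applies. The serve-root directory, file names and request strings are assumptions chosen for illustration; ntpath is used so the Windows path semantics hold wherever the script runs.

```python
import ntpath
from typing import Optional
from urllib.parse import unquote

# Assumed directory the application intends to serve files from (illustrative
# path, not Sonarr's real layout).
SERVE_ROOT = r"C:\ProgramData\Sonarr\MediaCover"


def fully_decode(value: str) -> str:
    """Percent-decode until the string stops changing, so a double-encoded
    %252e%252e becomes '..' before any path logic sees it."""
    for _ in range(5):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def unsafe_resolve(root: str, requested: str) -> str:
    """The vulnerable pattern: glue the request onto the root and normalise.
    '..' segments, rooted paths ('\\Windows\\...') and absolute paths all
    escape the root, and normpath hands back the escaped result unchanged."""
    return ntpath.normpath(ntpath.join(root, fully_decode(requested)))


def safe_resolve(root: str, requested: str) -> Optional[str]:
    """Hardened pattern: build the candidate the same way, then accept it only
    if its canonical, case-folded form sits strictly below the root.
    Returns the resolved path, or None when the request is rejected."""
    decoded = fully_decode(requested)
    if "\x00" in decoded:                      # NUL truncates paths in some runtimes
        return None
    root_norm = ntpath.normcase(ntpath.normpath(root))
    candidate = ntpath.normpath(ntpath.join(root, decoded))
    cand_norm = ntpath.normcase(candidate)
    try:
        # commonpath raises ValueError for paths on a different drive (D:\...),
        # which is just another way of leaving the root.
        if ntpath.commonpath([root_norm, cand_norm]) != root_norm:
            return None
    except ValueError:
        return None
    if cand_norm == root_norm:                 # the root itself is not a file
        return None
    return candidate


# Constructed requests: the first two are legitimate, the rest are traversal
# attempts in the encodings a scanner or attacker would actually send.
PROBES = [
    r"12\poster.jpg",
    "12/../13/banner.jpg",
    r"..\..\..\Windows\win.ini",
    "../../../Windows/win.ini",
    "%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin.ini",
    "%252e%252e/%252e%252e/%252e%252e/Windows/win.ini",
    r"\Windows\win.ini",
    r"C:\ProgramData\Sonarr\config.xml",
    r"D:\backup\config.xml",
]

if __name__ == "__main__":
    for probe in PROBES:
        print(f"{probe!r:60} unsafe -> {unsafe_resolve(SERVE_ROOT, probe)}")
        print(f"{'':60} safe   -> {safe_resolve(SERVE_ROOT, probe)}")
```

The check compares canonical forms rather than looking for the literal string `..`, which is why mixed separators, percent-encoding, rooted paths and absolute paths are all caught by the same three lines. Decoding before the path logic runs matters: a check applied to the still-encoded string sees no dots at all.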
This vulnerability was publicly disclosed on March 25, 2026. There is currently no indication of active exploitation in the wild, nor are there any publicly available proof-of-concept exploits. The vulnerability is not currently listed on the CISA KEV catalog. Given the relatively recent disclosure and lack of public exploits, the probability of exploitation is currently considered low.
Organizations running Sonarr on Windows systems are at significant risk, particularly where the API is reachable from untrusted networks or network controls are weak. Shared hosting environments in which several users share one server instance are also at risk, since an attacker could use the flaw to read data belonging to other users.
• windows / supply-chain:
Get-Process -Name Sonarr | Select-Object -ExpandProperty Path
• windows / supply-chain:
Get-ScheduledTask | Where-Object {$_.TaskName -like '*Sonarr*'}
• windows / supply-chain:
reg query "HKLM\Software\Sonarr" /v APIKey
• generic web:
curl -I --path-as-is http://sonarr.example.com/../../../../etc/passwd
(--path-as-is stops curl from collapsing the ../ segments before the request is sent; without it, the request that reaches the server contains no traversal at all.)
EPSS
0.06% (19th percentile)
The primary mitigation for CVE-2026-30976 is to upgrade Sonarr to version 4.0.17.2950 or later. This version includes a fix that restricts file access to the intended directory. If upgrading immediately is not possible, consider temporary workarounds such as restricting the file system permissions of the Sonarr service account to only the directories it needs. Additionally, review and rotate any API keys or database credentials that may have been exposed. Monitor Sonarr logs for unusual file access attempts. After upgrading, confirm the fix by requesting a file outside the intended directory through the Sonarr API; the request should be refused. Use a client that sends the ../ segments unmodified (for example curl with --path-as-is), since most HTTP clients collapse dot segments before the request leaves, which would make a vulnerable instance look fixed.
Upgrade Sonarr to version 4.0.17.2950 or later. Alternatively, ensure that Sonarr is reachable only from a secured internal network and access it through a VPN, Tailscale or a similar solution when outside that network.
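As an added example that is not part of the original advisory, the Python below covers two steps from the mitigation guidance above: deciding whether a reported Sonarr version falls inside the affected range, and scanning log lines for traversal attempts while ignoring harmless file names that merely contain two dots. The log lines are constructed; their date|level|logger|message layout and the presence of HTTP request paths in them are assumptions, so point REQUEST_LINE at whatever log actually records the path (a reverse-proxy access log is the usual source).

```python
import re
from typing import List, Tuple
from urllib.parse import unquote

# Range the advisory gives: 4.0 <= version < 4.0.17.2950
FIRST_AFFECTED = (4, 0)
FIXED_VERSION = (4, 0, 17, 2950)


def parse_version(version: str) -> Tuple[int, ...]:
    """'4.0.16.2800' -> (4, 0, 16, 2800). Tolerates a leading 'v'."""
    return tuple(int(part) for part in version.strip().lstrip("v").split("."))


def is_affected(version: str) -> bool:
    """True when the installed version falls inside the affected range.
    Tuple comparison handles versions of different length correctly:
    (4, 0) < (4, 0, 17, 2950) and (3, 0, 10, 1567) < (4, 0)."""
    return FIRST_AFFECTED <= parse_version(version) < FIXED_VERSION


# A '..' that is a whole path segment (bounded by / or \ or the string ends),
# so names like 'fanart..jpg' do not trigger.
DOT_SEGMENT = re.compile(r"(^|[\\/])\.\.($|[\\/])")
# Method + path as it might appear in an access or application log line.
REQUEST_LINE = re.compile(r"\b(?:GET|HEAD|POST|PUT|DELETE)\s+(\S+)")


def has_traversal(path: str) -> bool:
    """Decode twice (catches %2e%2e and the double-encoded %252e%252e),
    then look for a '..' segment."""
    return bool(DOT_SEGMENT.search(unquote(unquote(path))))


def find_traversal_attempts(lines: List[str]) -> List[str]:
    """Return the log lines whose request path contains a traversal segment."""
    hits = []
    for line in lines:
        match = REQUEST_LINE.search(line)
        if match and has_traversal(match.group(1)):
            hits.append(line)
    return hits


# Constructed sample lines (assumed date|level|logger|message layout with the
# request path in the message; real logs differ, adjust REQUEST_LINE).
SAMPLE_LOG = """\
26-3-26 09:14:02.1|Info|Api|GET /api/v3/system/status 200
26-3-26 09:14:05.7|Info|Api|GET /MediaCover/12/poster.jpg 200
26-3-26 09:14:09.3|Info|Api|GET /MediaCover/../../../Windows/win.ini 200
26-3-26 09:14:11.0|Info|Api|GET /MediaCover/%2e%2e%5c%2e%2e%5cconfig.xml 200
26-3-26 09:14:12.4|Info|Api|GET /MediaCover/%252e%252e/config.xml 200
26-3-26 09:14:15.9|Info|Api|GET /MediaCover/12/fanart..jpg 200
""".splitlines()

if __name__ == "__main__":
    for v in ("3.0.10.1567", "4.0", "4.0.16.2800", "4.0.17.2950", "4.0.18.3000"):
        print(f"{v:12} affected={is_affected(v)}")
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print("traversal attempt:", hit)
```

A 200 status on a traversal request is the signal to act on, since a patched instance should refuse such requests; on a vulnerable instance the same lines are the trigger for the credential rotation recommended above.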
CVE-2026-30976 is a Path Traversal vulnerability in Sonarr versions 4.0 through 4.0.17.2949, allowing unauthorized file access.
You are affected if you are running Sonarr on a Windows system at any version from 4.0 up to, but not including, 4.0.17.2950.
Upgrade Sonarr to version 4.0.17.2950 or later. Consider WAF rules as a temporary workaround.
There is currently no confirmed active exploitation, but the vulnerability's ease of exploitation suggests potential for future attacks.
Refer to the Sonarr blog and GitHub repository for official announcements and updates regarding this vulnerability.