CVE-2026-30225

MEDIUM EPSS 33.1%
Published Mar 6, 20263mo ago · Modified Jun 17, 20261w ago
4.3 CVSS 3.1
Medium
Find Similar
Published Mar 6, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, an authentication context confusion vulnerability in RestartAction allows a low‑privileged authenticated user to execute actions they are not permitted to run. RestartAction constructs a new internal connect.Request without preserving the original caller’s authentication headers or cookies. When this synthetic request is passed to StartAction, the authentication resolver falls back to the guest user. If the guest account has broader permissions than the authenticated caller, this results in privilege escalation and unauthorized command execution. This vulnerability allows a low‑privileged authenticated user to bypass ACL restrictions and execute arbitrary configured shell actions. This issue has been patched in version 3000.11.1.

CVSS Details

Base Score
4.3
Exploitability
2.8
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

EPSS Exploit Probability
33.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 2

CWE-250
CWE-441

Affected Products 1

VendorProductVersionRange
olivetinolivetin* <3000.11.1

References 3

  • github.com https://github.com/OliveTin/OliveTin/commit/cb46a597b2465235839ed58cf034b5e7b70ef911
    Patch
  • github.com https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1
    ProductRelease Notes
  • github.com https://github.com/OliveTin/OliveTin/security/advisories/GHSA-p443-p7w5-2f7f
    ExploitVendor Advisory

Remediation

  • github.com https://github.com/OliveTin/OliveTin/commit/cb46a597b2465235839ed58cf034b5e7b70ef911
    Patch