CVE-2024-48911: OpenCanary: Malicious Config File Can Run Commands as Root
GHSA-pf5v-pqfv-x8jj
CVE-2024-48911
Summary
OpenCanary, a multi-protocol network honeypot, executed commands taken directly from its configuration file. Prior to version 0.9.4, when that config file lived in an unprivileged user's directory but the daemon itself was run as root, the unprivileged user could edit the config and have root execute their commands the next time the daemon started. The upstream advisory names 0.9.4 as the fixed release; the PyPI (pip) advisory lists 0.9.5. Upgrade to 0.9.5 or later to be covered by both.
What to do
- Update opencanary to version 0.9.5 or later.
- If the daemon runs as root, make sure the config file it reads (and the directory holding it) is owned by root and not writable by any other user; a config in a user's home directory is exactly the setup the advisory describes.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| pip | – | opencanary | < 0.9.5 (fix: upgrade to 0.9.5) |
| – | thinkst | opencanary | < 0.9.4 (cpe:2.3:a:thinkst:opencanary:*:*:*:*:*:*:*:*) |
Original title
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but t...
Original description
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but the daemon is executed by root, it’s possible for the unprivileged user to change the config file and escalate permissions when root later runs the daemon. Version 0.9.4 contains a fix for the issue.
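The guard below is an added example, not OpenCanary's code and not a description of the upstream fix: it shows the check a root-run daemon can apply before acting on a config file that a less-privileged user may be able to write. The file must be a regular file owned by the expected uid and not group- or world-writable, and its containing directory must not be writable by other users (a world-writable directory lets an attacker replace the file even when the file itself is locked down). The config key `on_alert_command`, the function names and the sample config are assumptions for illustration; the demo constructs its own config file in a temporary directory.

```python
"""Added example (not OpenCanary's own code): refuse to act on a config file
that a less-privileged user could have modified, and never hand its contents
to a shell.
"""
import json
import os
import shlex
import stat
import subprocess
import tempfile

GROUP_OR_WORLD_WRITABLE = stat.S_IWGRP | stat.S_IWOTH


def untrusted_reasons(path, expected_uid):
    """Reasons why a process running as `expected_uid` must not act on `path`.
    An empty list means the file passed every check."""
    reasons = []
    real = os.path.realpath(path)  # follow symlinks and inspect the real file
    try:
        st = os.stat(real)
    except FileNotFoundError:
        return [f"{path}: does not exist"]
    if not stat.S_ISREG(st.st_mode):
        reasons.append(f"{real}: not a regular file")
    if st.st_uid != expected_uid:
        reasons.append(f"{real}: owned by uid {st.st_uid}, expected {expected_uid}")
    if st.st_mode & GROUP_OR_WORLD_WRITABLE:
        reasons.append(f"{real}: group- or world-writable (mode {st.st_mode & 0o777:o})")
    # The containing directory matters too: anyone who can write to it can
    # replace the file, no matter how the file itself is protected.
    parent = os.path.dirname(real)
    pst = os.stat(parent)
    if pst.st_uid not in (expected_uid, 0):
        reasons.append(f"{parent}: directory owned by uid {pst.st_uid}")
    if pst.st_mode & GROUP_OR_WORLD_WRITABLE and not pst.st_mode & stat.S_ISVTX:
        reasons.append(f"{parent}: directory writable by others without sticky bit")
    return reasons


def load_config(path, expected_uid=None):
    """Load a JSON config only if a less-privileged user could not have
    tampered with it; raise PermissionError otherwise."""
    if expected_uid is None:
        expected_uid = os.geteuid()
    reasons = untrusted_reasons(path, expected_uid)
    if reasons:
        raise PermissionError("refusing to load config: " + "; ".join(reasons))
    with open(path) as fh:
        return json.load(fh)


def run_configured_command(config, key="on_alert_command", dry_run=True):
    """Hypothetical 'command taken from the config' step. Even after the
    ownership check, split into argv and avoid shell=True so a config value
    cannot smuggle in extra commands via shell metacharacters."""
    argv = shlex.split(config[key])
    if dry_run:
        return argv
    return subprocess.run(argv, check=False).returncode


def demo():
    """Constructed scenario: one config file, first locked down (0600, owned by
    us), then left world-writable as an unprivileged user could leave it.
    Returns the parsed argv from the trusted load and the reasons the second
    load was refused."""
    workdir = tempfile.mkdtemp()  # mkdtemp creates the directory with mode 0700
    cfg_path = os.path.join(workdir, "opencanary.conf")
    with open(cfg_path, "w") as fh:
        json.dump({"on_alert_command": "logger -t canary 'alert'"}, fh)
    os.chmod(cfg_path, 0o600)
    me = os.geteuid()
    argv = run_configured_command(load_config(cfg_path, me))  # trusted: loads
    os.chmod(cfg_path, 0o666)  # now any local user could edit the command
    try:
        load_config(cfg_path, me)
        refused = []
    except PermissionError:
        refused = untrusted_reasons(cfg_path, me)
    return argv, refused


if __name__ == "__main__":
    loaded_argv, why_refused = demo()
    print("trusted config argv:", loaded_argv)
    print("world-writable config refused because:", why_refused)
```

Passing `expected_uid=0` when the daemon runs as root is what turns this into the advisory's scenario: a config owned by an ordinary user then fails the owner check regardless of its mode bits, so root never executes what that user wrote.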
GHSA CVSS 3.1: 7.8
GHSA CVSS 4.0: 5.8
Vulnerability type
CWE-863: Incorrect Authorization
- https://github.com/thinkst/opencanary/security/advisories/GHSA-pf5v-pqfv-x8jj
- https://github.com/thinkst/opencanary/commit/2c11575b1a3dd8b0df26a879ba856c0aa35...
- https://github.com/thinkst/opencanary/releases/tag/v0.9.4
- https://nvd.nist.gov/vuln/detail/CVE-2024-48911
- https://github.com/pypa/advisory-database/tree/main/vulns/opencanary/PYSEC-2024-...
- https://github.com/advisories/GHSA-pf5v-pqfv-x8jj
Published: 14 Oct 2024 · Updated: 15 Jun 2026 · First seen: 6 Mar 2026