2 matches found
CVE-2026-29514 NetBox 4.3.5 - 4.5.4 RCE via RenderTemplateMixin
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.getenvironmentparams method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python callables in the...
PT-2026-36830
Name of the Vulnerable Software and Affected Versions NetBox versions 4.3.5 through 4.5.4 Description An issue in the RenderTemplateMixin.get environment params method allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code. By specifying malicious...