{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/pyload/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-41133"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["pyLoad","privilege-escalation","CVE-2026-41133"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003epyLoad, a free and open-source download manager written in Python, is vulnerable to a privilege escalation issue. Specifically, versions up to and including 0.5.0b3.dev97 cache user \u003ccode\u003erole\u003c/code\u003e and \u003ccode\u003epermission\u003c/code\u003e data within the session upon login. This cached data is then used to authorize subsequent requests, even if an administrator modifies the user\u0026rsquo;s roles or permissions directly in the database. Consequently, a user who is already logged in retains their original, possibly revoked, privileges until they log out or their session expires. This vulnerability, identified as CVE-2026-41133, stems from a core authorization/session-consistency flaw within pyLoad and allows for potentially unauthorized actions to be performed. The fix for this vulnerability is included in commit e95804fb0d06cbb07d2ba380fc494d9ff89b68c1.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains initial access to a pyLoad user account, either through credential compromise or other means.\u003c/li\u003e\n\u003cli\u003eThe attacker logs into pyLoad, establishing a session. The user\u0026rsquo;s roles and permissions are cached within this session.\u003c/li\u003e\n\u003cli\u003eA pyLoad administrator revokes specific privileges or changes the role associated with the attacker\u0026rsquo;s account in the pyLoad database.\u003c/li\u003e\n\u003cli\u003eThe attacker, still logged in with the existing session, attempts to perform an action that should now be unauthorized given the administrator\u0026rsquo;s changes.\u003c/li\u003e\n\u003cli\u003epyLoad authorizes the action based on the cached roles and permissions stored in the session, effectively bypassing the updated authorization settings.\u003c/li\u003e\n\u003cli\u003eThe attacker successfully completes the privileged action. This could involve accessing sensitive data, modifying system settings, or initiating unauthorized downloads.\u003c/li\u003e\n\u003cli\u003eThe attacker continues to exploit the stale session data to perform further unauthorized actions, maintaining escalated privileges until session expiry or logout.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-41133 can lead to significant privilege escalation within pyLoad. An attacker with a compromised account can retain administrative-level access even after their permissions have been revoked. The scope of the impact depends on the specific privileges granted to the compromised user and the actions they are able to perform within pyLoad. This could potentially lead to unauthorized access to downloaded files, modification of download settings, or disruption of the download manager\u0026rsquo;s functionality.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch provided in commit e95804fb0d06cbb07d2ba380fc494d9ff89b68c1 to address the vulnerability.\u003c/li\u003e\n\u003cli\u003eMonitor pyLoad logs for any suspicious activity following user permission changes, particularly attempts to access restricted functions, to detect potential exploitation attempts related to CVE-2026-41133.\u003c/li\u003e\n\u003cli\u003eImplement stricter session management policies, such as shorter session timeouts, to minimize the window of opportunity for attackers to exploit this vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetectPyLoadPrivilegeEscalation\u003c/code\u003e to identify potential exploit attempts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-22T00:16:29Z","date_published":"2026-04-22T00:16:29Z","id":"/briefs/2024-01-02-pyload-privesc/","summary":"pyLoad versions up to 0.5.0b3.dev97 cache user roles and permissions in the session, leading to privilege escalation even after an admin revokes privileges.","title":"pyLoad Privilege Escalation Vulnerability (CVE-2026-41133)","url":"https://feed.craftedsignal.io/briefs/2024-01-02-pyload-privesc/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-33509"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["pyLoad","rce","pickle","deserialization","webserver"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003epyLoad, a download manager, is susceptible to arbitrary code execution due to an insecure configuration option related to the storage folder. This vulnerability arises from the incomplete fix for CVE-2026-33509. Specifically, the \u003ccode\u003estorage_folder\u003c/code\u003e option is not included in the \u003ccode\u003eADMIN_ONLY_OPTIONS\u003c/code\u003e set, which allows users with \u003ccode\u003eSETTINGS\u003c/code\u003e and \u003ccode\u003eADD\u003c/code\u003e permissions to modify it. By redirecting downloads to the Flask filesystem session store, an attacker can plant a malicious pickle payload as a predictable session file. Subsequently, any HTTP request containing the corresponding crafted session cookie will trigger the deserialization of the payload, resulting in arbitrary code execution. This issue affects pyLoad versions up to and including 0.5.0b3. The observed exploitation involves manipulating the download directory to write malicious files into the Flask session store, ultimately leading to code execution on the host.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains a non-admin user account with both \u003ccode\u003eSETTINGS\u003c/code\u003e and \u003ccode\u003eADD\u003c/code\u003e permissions in pyLoad.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the \u003ccode\u003e/api/set_config_value\u003c/code\u003e endpoint to modify the \u003ccode\u003estorage_folder\u003c/code\u003e option, setting its value to the Flask session store directory: \u003ccode\u003e/tmp/pyLoad/flask\u003c/code\u003e. This bypasses existing path restrictions.\u003c/li\u003e\n\u003cli\u003eThe attacker calculates the target session filename by computing the MD5 hash of the string \u0026ldquo;session:ATTACKER_SESSION_ID\u0026rdquo;.\u003c/li\u003e\n\u003cli\u003eThe attacker hosts a malicious pickle payload (e.g., \u003ccode\u003e92912f771df217fb6fbfded6705dd47c\u003c/code\u003e) on a remote server.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the \u003ccode\u003e/api/add_package\u003c/code\u003e endpoint to add a download package. The download link points to the hosted malicious pickle payload on the attacker\u0026rsquo;s server: \u003ccode\u003ehttp://attacker.com/92912f771df217fb6fbfded6705dd47c\u003c/code\u003e. The \u003ccode\u003edest\u003c/code\u003e parameter specifies where to store the downloaded file.\u003c/li\u003e\n\u003cli\u003epyLoad downloads the malicious pickle payload and saves it to the Flask session store directory, naming it according to the MD5 hash calculated earlier.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an HTTP request to the pyLoad server, including a cookie named \u003ccode\u003epyload_session_{port}\u003c/code\u003e with the value \u003ccode\u003eATTACKER_SESSION_ID\u003c/code\u003e. The port number is derived from the pyLoad configuration.\u003c/li\u003e\n\u003cli\u003eUpon receiving the request with the crafted cookie, Flask attempts to load the session data from the corresponding file. The \u003ccode\u003ecachelib\u003c/code\u003e library deserializes the malicious pickle payload using \u003ccode\u003epickle.load()\u003c/code\u003e, triggering arbitrary code execution.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation allows a non-admin user with SETTINGS and ADD permissions to achieve arbitrary code execution as the pyload service user. This grants the attacker the ability to execute arbitrary commands, read environment variables (potentially exposing API keys and credentials), access the filesystem (including download history and user databases), and potentially pivot to other network resources. The vulnerability requires no authentication to trigger the final stage of exploitation, increasing its severity and potential impact.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the following Sigma rule to detect attempts to modify the \u003ccode\u003estorage_folder\u003c/code\u003e configuration option to point to the Flask session directory (\u003ccode\u003e/tmp/pyLoad/flask\u003c/code\u003e): \u003ccode\u003eSuspicious pyLoad Storage Folder Modification\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eApply the suggested fix by adding \u003ccode\u003estorage_folder\u003c/code\u003e to the \u003ccode\u003eADMIN_ONLY_OPTIONS\u003c/code\u003e set in the pyLoad configuration to prevent non-admin users from modifying it.\u003c/li\u003e\n\u003cli\u003eBlock the malicious URLs used to deliver the pickle payload, specifically \u003ccode\u003ehttp://attacker.com/92912f771df217fb6fbfded6705dd47c\u003c/code\u003e, at your network perimeter.\u003c/li\u003e\n\u003cli\u003eMonitor for HTTP requests containing the crafted session cookie (\u003ccode\u003epyload_session_{port}=ATTACKER_SESSION_ID\u003c/code\u003e), using a webserver or proxy log source, as it triggers the final stage of the attack.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-04T06:43:37Z","date_published":"2026-04-04T06:43:37Z","id":"/briefs/2026-04-pyload-rce/","summary":"pyLoad is vulnerable to arbitrary code execution via an unprotected `storage_folder` configuration option, allowing an attacker with `SETTINGS` and `ADD` permissions to write a malicious pickle payload to the Flask session store and execute arbitrary code upon subsequent HTTP requests.","title":"pyLoad Arbitrary Code Execution via Malicious Session Deserialization","url":"https://feed.craftedsignal.io/briefs/2026-04-pyload-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — PyLoad","version":"https://jsonfeed.org/version/1.1"}