Mallory vulnerability brief
Severity: High

Authenticated RCE in NetBox RenderTemplateMixin via Jinja2 finalize import

Identifiers: CVE-2026-29514, CWE-94 (Improper Control of Generation of Code)

CVE-2026-29514 is an authenticated remote code execution vulnerability in NetBox affecting versions 4.3.5 through 4.5.4. The flaw is in RenderTemplateMixin.get_environment_params(), which takes the user-controlled environment_params field of a template and, for Jinja2 environment keys such as finalize and undefined, resolves dotted-path string values with Django's import_string() without checking them against an allowlist. An authenticated user with template-related permissions can therefore set environment_params.finalize to any importable callable, for example subprocess.getoutput. NetBox passes the resolved callable into Jinja2's SandboxedEnvironment as the finalize callback. finalize is not a call made from inside the template: the environment itself invokes it on the value of every output expression, outside the sandbox's call interception (the path that normally rejects unsafe callables), so the value of an expression as simple as {{ "id" }} is handed straight to subprocess.getoutput. The attacker thus bypasses the intended sandbox restrictions and executes arbitrary shell commands during template rendering. Both the ExportTemplate and ConfigTemplate rendering paths are affected, and the commands run as the NetBox service user.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation gives an authenticated user who holds template permissions, but no administrative rights, arbitrary code execution on the NetBox host as the NetBox service account. That account can read everything the application needs at runtime, which in a typical deployment means the database credentials, Redis credentials and Django SECRET_KEY in configuration.py, plus configuration contexts and the complete network topology and infrastructure inventory held in the database. The attacker can also use the foothold for further post-exploitation, including access to backend services (database, Redis, reachable network devices) that trust connections from the NetBox instance.

Mitigation

If you can’t patch tonight, do this now.

Until patched, remove template creation, editing and rendering permissions from untrusted or low-privilege users, in particular extras.add_exporttemplate, extras.change_exporttemplate, extras.view_exporttemplate, extras.add_configtemplate, extras.change_configtemplate and extras.render_configtemplate; the change_ permissions matter because environment_params on an existing template can be edited just as it can be set on a new one. Review existing ExportTemplate and ConfigTemplate objects for malicious environment_params values, particularly finalize or undefined entries containing dotted Python import paths (a legitimate template rarely, if ever, needs to set finalize from an import path at all). Restrict access to the API endpoints and UI functions that trigger template rendering, and monitor both for suspicious template definitions and for render requests, namely list views called with an export query parameter and the config-template render endpoints.
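The review step above can be scripted against a dump of the templates. The following is an added example (not NetBox's code or the advisory's): it scans ExportTemplate and ConfigTemplate records, in the shape the NetBox REST API returns them, for finalize or undefined values that name a Python import path and are not among the Undefined handlers jinja2 ships. The sample records are constructed, the kind field is added here only to label the source endpoint, and the benign set is this example's assumption, not NetBox's allowlist.

```python
"""Audit NetBox template records for importable Jinja2 environment parameters.

Added example, not NetBox's code. Input is a list of template objects as the
NetBox REST API returns them (e.g. the `results` array of
/api/extras/export-templates/ and /api/extras/config-templates/); only the
`name`, `id` and `environment_params` fields are used. SAMPLE_RECORDS is
constructed for the demo; `kind` is not an API field, it labels the endpoint.
"""
import json
import re
import sys

# Keys NetBox resolves from dotted import paths (per the advisory).
IMPORTABLE_KEYS = ("finalize", "undefined")

# Values a benign template may plausibly use. The jinja2 Undefined handlers are
# the legitimate reason to set `undefined`; there is rarely a legitimate reason
# to set `finalize` from an import path. This set is the example's assumption,
# not NetBox's allowlist.
KNOWN_BENIGN = {
    "undefined": {
        "jinja2.Undefined",
        "jinja2.StrictUndefined",
        "jinja2.DebugUndefined",
        "jinja2.ChainableUndefined",
    },
    "finalize": set(),
}

# Something import_string could resolve: identifier segments, at least one dot.
DOTTED_PATH = re.compile(r"^[A-Za-z_]\w*(?:\.[A-Za-z_]\w*)+$")

# Constructed sample, mirroring the API's field names.
SAMPLE_RECORDS = [
    {"id": 1, "kind": "export-template", "name": "Benign interface export",
     "environment_params": {"undefined": "jinja2.StrictUndefined", "trim_blocks": True}},
    {"id": 2, "kind": "config-template", "name": "Router base config",
     "environment_params": None},
    {"id": 3, "kind": "config-template", "name": "Inventory report",
     "environment_params": {"finalize": "subprocess.getoutput"}},
    {"id": 4, "kind": "export-template", "name": "Odd undefined handler",
     "environment_params": {"undefined": "os.system", "lstrip_blocks": True}},
]


def _finding(rec, key, value):
    return {"id": rec.get("id"), "kind": rec.get("kind"),
            "template": rec.get("name"), "key": key, "value": value}


def find_suspicious_environment_params(records):
    """Return one finding per importable key whose value is a dotted path not
    in KNOWN_BENIGN. Records with empty environment_params are skipped; a
    non-object environment_params is itself reported."""
    findings = []
    for rec in records:
        params = rec.get("environment_params")
        if not params:
            continue
        if not isinstance(params, dict):
            findings.append(_finding(rec, "environment_params", params))
            continue
        for key in IMPORTABLE_KEYS:
            value = params.get(key)
            if (isinstance(value, str) and DOTTED_PATH.match(value)
                    and value not in KNOWN_BENIGN[key]):
                findings.append(_finding(rec, key, value))
    return findings


def main(argv):
    """Usage: python audit_env_params.py [api_response.json ...]
    With no file arguments the constructed SAMPLE_RECORDS are scanned."""
    records = list(SAMPLE_RECORDS) if len(argv) == 1 else []
    for path in argv[1:]:
        with open(path) as fh:
            payload = json.load(fh)
        # Accept either a paginated API response or a bare list of objects.
        records.extend(payload["results"] if isinstance(payload, dict) else payload)
    for f in find_suspicious_environment_params(records):
        print(f"[!] {f['kind']} #{f['id']} {f['template']!r}: {f['key']} = {f['value']!r}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Anything this flags deserves a look regardless of which user created it: a finalize set from an import path is the exact pattern the advisory describes, and an undefined handler outside jinja2's own classes has no business in a NetBox template.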

Remediation

Patch, then assume compromise.

Upgrade NetBox to a fixed release, that is, one that restricts path-importable Jinja2 environment parameters to an allowlist and validates the values both when a template is saved and again at render time. Validating at render time matters because templates created before the upgrade keep whatever environment_params they were saved with. The upstream fix adds an allowlist for importable values, rejects unsafe finalize and undefined values, and leaves unrelated Jinja2 parameters untouched. If a fixed version is not yet available for your deployment, apply the upstream patch or equivalent changes to RenderTemplateMixin and its validation logic.
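To make both the flaw described at the top of this brief and the shape of the fix concrete, here is an added example (not NetBox's code and not the upstream patch) contrasting a simplified model of the vulnerable get_environment_params() with a hardened one that validates before importing. import_dotted_path stands in for Django's import_string(); the allowlist (jinja2's Undefined classes for undefined, nothing at all for finalize) is this example's assumption about a safe policy, not a statement of what upstream chose.

```python
"""Vulnerable vs. hardened handling of NetBox-style Jinja2 environment_params.

Added example, not NetBox's code or the upstream patch. Both resolvers are
simplified models of RenderTemplateMixin.get_environment_params(): the dict
they return is what would be passed as SandboxedEnvironment(**params).
`import_dotted_path` stands in for django.utils.module_loading.import_string.
ALLOWED_IMPORTS is this example's assumption about a safe policy.
"""
import importlib

# Keys whose string values NetBox resolves to Python objects.
IMPORTABLE_KEYS = ("finalize", "undefined")

# Assumed allowlist: the Undefined handlers jinja2 ships, and no importable
# finalize at all (finalize runs on every output value, outside the sandbox's
# call interception, so no callable taken from user input is safe there).
ALLOWED_IMPORTS = {
    "undefined": frozenset({
        "jinja2.Undefined",
        "jinja2.StrictUndefined",
        "jinja2.DebugUndefined",
        "jinja2.ChainableUndefined",
    }),
    "finalize": frozenset(),
}


class UnsafeEnvironmentParam(ValueError):
    """Raised for an environment_params value that is not on the allowlist."""


def import_dotted_path(path):
    """Stand-in for Django's import_string(): 'pkg.mod.attr' -> the attr object."""
    module_path, _, attr = path.rpartition(".")
    if not module_path or not attr:
        raise ImportError(f"{path!r} is not a dotted import path")
    return getattr(importlib.import_module(module_path), attr)


def vulnerable_environment_params(params):
    """Pre-fix behaviour: any string under an importable key is imported and
    used as-is, so "subprocess.getoutput" becomes the finalize callback."""
    resolved = dict(params)
    for key in IMPORTABLE_KEYS:
        if isinstance(resolved.get(key), str):
            resolved[key] = import_dotted_path(resolved[key])
    return resolved


def validate_environment_params(params):
    """Allowlist check that imports nothing. Meant to run from the template
    model's clean() at save time and again at render time, so templates
    stored before the fix are caught as well."""
    if not isinstance(params, dict):
        raise UnsafeEnvironmentParam("environment_params must be a JSON object")
    for key in IMPORTABLE_KEYS:
        if key not in params:
            continue
        value = params[key]
        if not isinstance(value, str) or value not in ALLOWED_IMPORTS[key]:
            raise UnsafeEnvironmentParam(
                f"environment_params.{key} = {value!r} is not permitted")
    return params


def hardened_environment_params(params):
    """Post-fix behaviour: validate, then import only allowlisted paths.
    Unrelated Jinja2 options (trim_blocks, lstrip_blocks, ...) pass through."""
    validate_environment_params(params)
    resolved = dict(params)
    for key in IMPORTABLE_KEYS:
        if key in resolved:
            resolved[key] = import_dotted_path(resolved[key])
    return resolved


if __name__ == "__main__":
    hostile = {"finalize": "subprocess.getoutput", "trim_blocks": True}
    cb = vulnerable_environment_params(hostile)["finalize"]
    # Nothing is executed here; the point is that a shell-running callable
    # reached the environment. At render time Jinja2 would call cb(value)
    # for every {{ ... }} expression in the template.
    print("vulnerable resolved finalize to", cb.__module__ + "." + cb.__name__)
    try:
        hardened_environment_params(hostile)
    except UnsafeEnvironmentParam as exc:
        print("hardened rejected:", exc)
    print("hardened passthrough:", hardened_environment_params({"trim_blocks": True}))
```

The split between validate_environment_params and hardened_environment_params is deliberate: the check runs on the raw strings before anything is imported, so a rejected value never triggers a module import, and the same function can be called from the model's clean() and from the render path without duplicating the policy.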
PUBLIC EXPLOITS

No public exploit code has been observed for this vulnerability at the time of writing (0 valid / 0 total exploits tracked).

EXPOSURE SURFACE

Affected products & vendors (vendor-confirmed product mapping)

Vendor: NetBox
Product: NetBox
Type: application
