CVE-2026-29514 Overview
CVE-2026-29514 is a remote code execution vulnerability in NetBox versions 4.3.5 through 4.5.4. The flaw resides in the RenderTemplateMixin.get_environment_params() method. Authenticated users holding exporttemplate or configtemplate permissions can supply malicious Python callables through the environment_params field. Attackers bypass the Jinja2 SandboxedEnvironment by setting the finalize parameter to any importable callable such as subprocess.getoutput. The sandbox invokes finalize on every rendered expression outside its call interception path, executing arbitrary code as the NetBox service user.
Critical Impact
Authenticated NetBox users with template permissions can achieve remote code execution on the application host, exposing network inventory data and adjacent infrastructure.
Affected Products
- NetBox 4.3.5 through 4.5.4
- NetBox export template rendering subsystem
- NetBox configuration template rendering subsystem
Discovery Timeline
- 2026-05-04 - CVE-2026-29514 published to NVD
- 2026-05-05 - Last updated in NVD database
Technical Details for CVE-2026-29514
Vulnerability Analysis
NetBox uses Jinja2's SandboxedEnvironment to render export templates and configuration templates. The sandbox restricts attribute access and intercepts unsafe calls during template evaluation. The RenderTemplateMixin.get_environment_params() method accepts a user-controlled environment_params dictionary and forwards selected keys directly into the Jinja2 environment constructor. One accepted key is finalize, a callable Jinja2 invokes on the result of every rendered expression. Because Jinja2 calls finalize outside the sandbox's call interception logic, the supplied callable runs with full Python privileges. The vulnerability is classified as CWE-183 (Permissive List of Allowed Inputs).
Root Cause
The root cause is improper validation of the environment_params mapping. NetBox treats the mapping as configuration data without restricting which environment hooks users may control. The finalize hook accepts any importable Python callable, including subprocess.getoutput, os.system, and eval. The sandbox design assumes finalize is set by trusted application code, not by template authors.
Attack Vector
An attacker authenticates to NetBox with an account granted exporttemplate or configtemplate permissions. The attacker creates or edits a template and submits an environment_params payload that resolves finalize to subprocess.getoutput. When the template renders, NetBox imports the callable and applies it to every expression result. The callable receives attacker-controlled strings and executes shell commands as the NetBox service account. Output returns inline within the rendered template, providing direct command output to the attacker. See the VulnCheck NetBox RCE Advisory and the Chocapikk RCE Template Post for technical walkthroughs.
Detection Methods for CVE-2026-29514
Indicators of Compromise
- Export or configuration templates containing an environment_params field that references callables such as subprocess.getoutput, os.system, os.popen, or eval.
- NetBox audit log entries showing template create or update events from accounts with exporttemplate or configtemplate permissions immediately followed by render requests.
- Child processes such as /bin/sh, bash, curl, or wget spawned by the NetBox WSGI worker (gunicorn, uwsgi) or Celery worker process.
Detection Strategies
- Inspect the NetBox database extras_exporttemplate and extras_configtemplate tables for environment_params values that import Python callables.
- Alert on process lineage where the NetBox service user spawns shell interpreters or network utilities outside normal application flow.
- Correlate template modification events with subsequent outbound network connections from the NetBox host.
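The process-lineage rule above, written out as an added example that is not part of the advisory or of NetBox: it takes a constructed list of process-exec events (pid, ppid, user, exe, cmdline, the fields an EDR or auditd/eBPF exec feed would supply) and flags shell interpreters or network utilities running as the NetBox service user whose ancestor chain includes a gunicorn, uwsgi or Celery process. The service user name `netbox`, the worker markers and the suspicious-image list are assumptions to adjust for a given deployment. A shell launched for the same user by cron is deliberately not flagged, since it has no worker ancestor.

```python
"""Process-lineage detection for shells spawned from NetBox worker processes.

Added example; not from the advisory or from NetBox. Event shape and sample
data are constructed to resemble an exec-telemetry feed.
"""
import os
from typing import Dict, List, Optional

SERVICE_USER = "netbox"  # assumed NetBox service account name

# Images a template render should never need to launch (assumed list).
SUSPICIOUS_CHILDREN = {"sh", "bash", "dash", "zsh", "curl", "wget", "nc", "ncat"}

# Substrings that identify the NetBox WSGI or task worker in a command line.
WORKER_MARKERS = ("gunicorn", "uwsgi", "celery")


def worker_ancestor(ev: Dict, by_pid: Dict[int, Dict], max_depth: int = 16) -> Optional[Dict]:
    """Walk up the parent chain; return the first NetBox worker ancestor, or None."""
    cur = by_pid.get(ev["ppid"])
    depth = 0
    while cur is not None and depth < max_depth:
        if any(marker in cur["cmdline"] for marker in WORKER_MARKERS):
            return cur
        cur = by_pid.get(cur["ppid"])
        depth += 1
    return None


def find_suspicious_spawns(events: List[Dict]) -> List[Dict]:
    """Return one alert per suspicious image spawned beneath a NetBox worker."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for ev in events:
        if ev["user"] != SERVICE_USER:
            continue
        if os.path.basename(ev["exe"]) not in SUSPICIOUS_CHILDREN:
            continue
        worker = worker_ancestor(ev, by_pid)
        if worker is None:
            continue  # e.g. a cron-launched shell for the same user
        alerts.append({
            "pid": ev["pid"],
            "cmdline": ev["cmdline"],
            "worker_pid": worker["pid"],
            "worker_cmdline": worker["cmdline"],
        })
    return alerts


# Constructed sample process tree (not real telemetry).
GUNICORN = "/opt/netbox/venv/bin/python3 /opt/netbox/venv/bin/gunicorn netbox.wsgi"
SAMPLE_EVENTS = [
    {"pid": 1, "ppid": 0, "user": "root", "exe": "/sbin/init", "cmdline": "/sbin/init"},
    {"pid": 1500, "ppid": 1, "user": "netbox", "exe": "/opt/netbox/venv/bin/python3", "cmdline": GUNICORN},
    {"pid": 1510, "ppid": 1500, "user": "netbox", "exe": "/opt/netbox/venv/bin/python3", "cmdline": GUNICORN},
    # Shell and network tool launched from inside a gunicorn worker: both flagged.
    {"pid": 2201, "ppid": 1510, "user": "netbox", "exe": "/bin/sh", "cmdline": "/bin/sh -c hostname"},
    {"pid": 2202, "ppid": 2201, "user": "netbox", "exe": "/usr/bin/curl", "cmdline": "curl http://example.invalid/"},
    # Shell launched by cron for the same user: no worker ancestor, not flagged.
    {"pid": 3001, "ppid": 1, "user": "root", "exe": "/usr/sbin/cron", "cmdline": "/usr/sbin/cron -f"},
    {"pid": 3002, "ppid": 3001, "user": "netbox", "exe": "/bin/sh", "cmdline": "/bin/sh -c /opt/netbox/backup.sh"},
]

if __name__ == "__main__":
    for alert in find_suspicious_spawns(SAMPLE_EVENTS):
        print(f"ALERT pid={alert['pid']} cmd={alert['cmdline']!r} under worker pid={alert['worker_pid']}")
```

Feeding real telemetry into `find_suspicious_spawns` is a matter of mapping the feed's fields onto the five used here; the ancestor walk is what keeps the rule from firing on every shell the service account ever runs.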
Monitoring Recommendations
- Forward NetBox application logs and host process telemetry to a centralized analytics platform for correlation.
- Track usage of the /api/extras/export-templates/ and /api/extras/config-templates/ endpoints, particularly POST and PATCH requests.
- Monitor accounts that hold template permissions and review their activity for unexpected template content changes.
How to Mitigate CVE-2026-29514
Immediate Actions Required
- Upgrade NetBox to a fixed release above 4.5.4 as published in the GitHub NetBox Pull Request.
- Audit all existing export templates and configuration templates for malicious environment_params payloads and remove suspicious entries.
- Revoke exporttemplate and configtemplate permissions from accounts that do not require them.
Patch Information
The NetBox maintainers addressed the issue by restricting the keys accepted from environment_params so user input can no longer set sandbox-bypassing parameters such as finalize. Refer to the GitHub NetBox Issue Discussion and the merged GitHub NetBox Pull Request for the upstream fix.
Workarounds
- Restrict template editing permissions to a minimal set of trusted administrators until patching is complete.
- Place NetBox behind authenticated network controls and require multi-factor authentication for accounts with template privileges.
- Run the NetBox service under a dedicated low-privilege account with no sudo rights and isolate it from sensitive infrastructure.
# Configuration example: identify templates that reference dangerous callables
psql -U netbox -d netbox -c "SELECT id, name, environment_params FROM extras_exporttemplate WHERE environment_params::text ILIKE '%subprocess%' OR environment_params::text ILIKE '%os.system%' OR environment_params::text ILIKE '%finalize%';"
psql -U netbox -d netbox -c "SELECT id, name, environment_params FROM extras_configtemplate WHERE environment_params::text ILIKE '%subprocess%' OR environment_params::text ILIKE '%os.system%' OR environment_params::text ILIKE '%finalize%';"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.