CVE-2026-33396 Overview
CVE-2026-33396 is a critical command injection vulnerability in OneUptime, an open-source monitoring and observability platform. The vulnerability allows a low-privileged authenticated user with ProjectMember permissions to achieve remote command execution on the Probe container or host by exploiting an incomplete denylist in the Synthetic Monitor Playwright script execution sandbox.
Critical Impact
Authenticated attackers with low privileges can escape the sandbox and execute arbitrary system commands on the Probe container/host, potentially leading to full system compromise.
Affected Products
- Hackerbay OneUptime versions prior to 10.0.35
Discovery Timeline
- 2026-03-26 - CVE-2026-33396 published to NVD
- 2026-03-26 - Last updated in NVD database
Technical Details for CVE-2026-33396
Vulnerability Analysis
This vulnerability exists in OneUptime's Synthetic Monitor feature, which allows users to execute Playwright scripts for monitoring purposes. The synthetic monitor code runs within VMRunner.runCodeInNodeVM, which provides a sandbox environment with a live Playwright page object in context.
The sandbox implementation relies on a denylist approach to block dangerous properties and methods. However, the denylist is incomplete, failing to restrict access to _browserType and the launchServer method. This oversight creates a pathway for attackers to escape the sandbox by traversing the object chain from the provided page object.
Root Cause
The root cause is an incomplete denylist-based security model in the VM sandbox. The sandbox was designed to prevent malicious code execution by blocking known dangerous methods, but failed to account for all exploitable paths through the Playwright browser object hierarchy. Specifically, the internal _browserType property and its launchServer method were not included in the blocked properties list, allowing sandbox escape.
Attack Vector
An attacker with ProjectMember access can craft a malicious Synthetic Monitor script that exploits the incomplete denylist. The attack leverages the Playwright object chain traversal:
- Start with the page object provided in the sandbox context
- Access the browser context via page.context()
- Obtain the browser instance with .browser()
- Access the internal _browserType property
- Call launchServer(...) to spawn arbitrary processes
The vulnerability allows the attacker to traverse page.context().browser()._browserType.launchServer(...) to spawn arbitrary processes on the underlying Probe container or host system, effectively bypassing the sandbox entirely.
Detection Methods for CVE-2026-33396
Indicators of Compromise
- Unusual process spawning originating from the Probe container or OneUptime worker processes
- Synthetic Monitor scripts containing references to _browserType or launchServer
- Unexpected network connections or outbound traffic from Probe containers
- Anomalous system command executions logged in audit trails
Detection Strategies
- Monitor Synthetic Monitor script submissions for suspicious patterns including _browserType, launchServer, or other internal Playwright APIs
- Implement runtime monitoring on Probe containers to detect unexpected child process creation
- Review audit logs for ProjectMember accounts creating or modifying Synthetic Monitors with complex scripts
- Deploy application-level logging to capture all Playwright method invocations within the sandbox
Monitoring Recommendations
- Enable verbose logging for the VMRunner.runCodeInNodeVM function to capture all executed code
- Set up alerts for any process execution anomalies on Probe hosts
- Monitor for lateral movement attempts originating from Probe container network segments
- Implement container runtime security to detect sandbox escape attempts
How to Mitigate CVE-2026-33396
Immediate Actions Required
- Upgrade OneUptime to version 10.0.35 or later immediately
- Audit existing Synthetic Monitor scripts for potentially malicious code patterns
- Review access permissions and remove unnecessary ProjectMember privileges
- Consider temporarily disabling the Synthetic Monitor feature until patching is complete
Patch Information
OneUptime has released version 10.0.35 which addresses this vulnerability. The fix is available in commit e8e4ee3ff0740eb131045ab3d67453141c46178a. Organizations should update immediately by pulling the latest version from the official repository. For detailed patch information, refer to the GitHub Security Advisory and the patch commit.
Workarounds
- Restrict Synthetic Monitor creation to trusted administrator accounts only until patching is complete
- Implement network segmentation to isolate Probe containers from sensitive internal resources
- Deploy container runtime security solutions to prevent unauthorized process spawning
- Add custom application-level filtering to block scripts containing _browserType or launchServer patterns
# Example: Update OneUptime to patched version
git pull origin main
git checkout v10.0.35
docker-compose down
docker-compose build --no-cache
docker-compose up -d
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
