CVE Catalog

CVE-2026-41448

CriticalCVSS 9.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

30th percentile — higher than 30% of all known CVEs

Summary

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie. This exploits unsanitized string concatenation in the token file path construction within the authglinet middleware.

Risk Assessment

This vulnerability allows attackers to take full control of the system, potentially leading to serious security breaches and data loss. Organizations should be aware of the risks associated with unauthorized access to administrative resources.

Recommendation

It is recommended to immediately update AdGuard Home to the latest version that fixes this vulnerability. Additionally, consider disabling the --glinet flag to minimize risk.

Original NVD description (English source)

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path construction within the authglinet middleware. Attackers can craft a request with a traversal payload in the Admin-Token header to redirect file reads to arbitrary paths.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS