Link following in Netatalk - CVE-2026-44051

 

Link following in Netatalk - CVE-2026-44051

Published: July 12, 2026


Vulnerability identifier: #VU137327
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-44051
CWE-ID: CWE-59
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Netatalk
Affected software:
Netatalk

Detailed vulnerability description

The vulnerability allows a remote user to create arbitrary symlinks and disclose sensitive information.

The vulnerability exists due to improper link resolution before file access in the afp_setfilparams FPSetFilParms command handler when processing FinderInfo values set to "slnkrhap" for a file whose contents are used as the symlink target path. A remote user can create a file containing an arbitrary path string and send a crafted FPSetFilParms request to create arbitrary symlinks and disclose sensitive information.

Exploitation requires write access to an AFP volume, and the disclosure occurs when another service or process follows the created symlink.


How to mitigate CVE-2026-44051

Install security update from vendor's website.

Sources