{"id":"CVE-2026-44888","summary":"Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Interger)","details":"Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly into\npialert.conf without validation. Since pialert.conf is loaded via Python's exec() every 3–5 minutes by the\nbackground cron process, an attacker can inject arbitrary Python code and achieve unauthenticated OS-level RCE. On\ndefault installations (PIALERT_WEB_PROTECTION = False), no credentials are required. This vulnerability is fixed in 2026-05-07.","aliases":["GHSA-xg85-f8qw-7c5f"],"modified":"2026-07-08T08:20:08.139868355Z","published":"2026-05-27T19:14:43.897Z","database_specific":{"cwe_ids":["CWE-94"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44888.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44888.json"},{"type":"ADVISORY","url":"https://github.com/leiweibau/Pi.Alert/security/advisories/GHSA-xg85-f8qw-7c5f"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44888"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/leiweibau/pi.alert","events":[{"introduced":"0"},{"fixed":"ac09cc54862cbf277d8f69f58d83c980ae68b2c0"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2026-05-07"}],"source":"AFFECTED_FIELD"}}],"versions":["v2026-03-20","v2026-03-16","v2026-02-28","v2026-02-07","v2026-01-07","v2026-01-04","v2025-12-14","v2025-11-05","v2025-10-31","v2025-10-18","v2025-07-30","v2025-07-12","v2025-06-12","v2025-05-11","v2025-04-26","v2025-03-21","v2025-02-16","v2025-02-06","v2025-02-04","v2024-12-12","v2024-11-11","v2024-10-20","v2024-09-28","v2024-09-17","v2024-09-01","v2024-08-24","v2024-08-09","v2024-07-17","v2024-07-04","v2024-06-29","v2024-06-12","v2024-05-25","v2024-05-20","v2024-04-25","v2024-04-15","v2024-04-14","v2024-03-28","v2024-03-17","v2024-02-24","v2024-02-15","v2024-02-07","v3.02","v3.00","v2.70","v2.61","v2.60","v2.56","v2.55","v2.52","v2.51","v2.50"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44888.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}