Authorization Bypass Vulnerability in Rsync Daemon by Rsync
CVE-2026-43617
6.3 MEDIUM
What is CVE-2026-43617?
Rsync versions prior to 3.4.3 contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list when the daemon is configured with chroot. The flaw allows an attacker who controls the PTR record of their source IP address to circumvent intended deny rules. When reverse DNS resolution fails, the system defaults to UNKNOWN, enabling unauthorized connections from hostnames that should otherwise be restricted by the server's administrative settings.
Affected Version(s)
rsync: all versions before 3.4.3
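
A configuration check for the condition described above, as an added example that is not part of the advisory or the rsync project: it parses an rsyncd.conf and lists the modules that combine chroot with hostname patterns in their host ACL, which are the ones to review while upgrading to 3.4.3. The parameter names use chroot, hosts allow and hosts deny come from rsyncd.conf(5) rather than this page; the sample config is constructed, and treating an unset use chroot as enabled is an assumption.

```python
import ipaddress
import re

# Constructed sample rsyncd.conf (not taken from the advisory).
SAMPLE_CONF = """\
use chroot = yes
[backup]
    hosts allow = 192.0.2.0/24, 2001:db8::/32
[mirror]
    hosts deny = *.partner.example 198.51.100.7
[scratch]
    use chroot = no
    hosts deny = badhost.example
"""

def is_address(entry):
    """True for an IP or address/mask entry, False for a hostname pattern."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return True
    except ValueError:
        return False

def audit(conf_text):
    """Map each chroot-enabled module to its hostname-based ACL entries."""
    sections, current = {"": {}}, ""
    for raw in conf_text.replace("\\\n", " ").splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            sections[current] = {}
            continue
        key, _, value = line.partition("=")
        sections[current][" ".join(key.lower().split())] = value.strip()
    findings = {}
    for module, params in sections.items():
        merged = {**sections[""], **params}  # globals act as module defaults
        # Assumption: an unset "use chroot" is treated as possibly enabled.
        chroot = merged.get("use chroot", "yes").lower() not in ("no", "false", "0")
        hits = [(key, entry) for key in ("hosts allow", "hosts deny")
                for entry in re.split(r"[,\s]+", merged.get(key, ""))
                if entry and not is_address(entry)]
        if module and chroot and hits:
            findings[module] = hits
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Entries given as IP addresses or address/mask pairs do not depend on reverse DNS, so only hostname patterns are reported.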
