SSHFS Command Execution Exploit Code Released Publicly

A popular utility for mounting remote directories over SFTP contains severe architectural flaws. Specifically, independent security researchers uncovered a dangerous sshfs command execution exploit tracking as CVE-2026-48711. These software flaws allow arbitrary local interactions or rogue directory escapes. Because full technical details and public exploit code released online, administrators must update their applications right away. Consequently, this bulletin covers installations running software version 3.7.5 or earlier.

Deconstructing the Argument Injection Flaw

To begin with, the first flaw involves a validation defect inside the host processing routine. The underlying software passes parameters directly to the sub-process without proper cleaning. The official report explains that “sshfs passes the parsed hostname to ssh without validating that it is a hostname.” Consequently, a malformed mount source string can inject custom options.

Bypassing Brackets and Running Code

Furthermore, attackers can format specific strings using bracket characters to force execution access. The application strips the outer symbols but retains the core payload intact. “The injected ProxyCommand executes locally before the connection fails.” Therefore, an adversary can run arbitrary code without any SSH authentication.

The Rogue Symlink Escape Risk

Additionally, a second vulnerability introduces a malicious path bypass tracking as CVE-2026-47187 (CVSS 9.3). This threat occurs when a victim connects to an untrusted host environment. The report outlines the issue: “A rogue SFTP server returns symlink targets that the kernel VFS resolves on the client’s local filesystem.”

Manipulating File Operations

Subsequently, the rogue host induces unauthorized local file modifications. If a victim performs copy actions, the kernel follows the remote symlink back to the local computer. For instance, a malicious host can target a shell startup file to achieve persistent code execution. As a result, this active sshfs command execution exploit completely breaks file separation boundaries.

Remediation and Mandatory Upgrade Pathways

Ultimately, organizations must deploy secure software packages to safeguard their systems. Standard host filtering methods cannot block the relative path escape sequences. Therefore, administrators should upgrade to version 3.7.6 or later immediately. This software update correctly rejects malformed hostnames before executing connections. Finally, teams must verify all remote server keys to prevent unauthorized intermediate interception.