## https://sploitus.com/exploit?id=AD6E3171-9B38-513D-86AD-56DA2DCBDBA6
# CVE-2026-4480 - Critical Remote Code Execution in Samba Printing Subsystem
Remote Code Execution (RCE)
Samba Print Command Injection Vulnerability
---
*"A single print job name should never become a shell command."*
## Overview
> **CVE-2026-4480** is a critical command injection vulnerability affecting Samba's printing subsystem.
Under specific configurations, Samba may pass a user-controlled print job name (`%J`) into a shell command without sufficient sanitization, potentially allowing an attacker to execute arbitrary commands on the affected server.
---
## Vulnerability Details
| Field | Value |
|---------|---------|
| **CVE ID** | CVE-2026-4480 |
| **Severity** | Critical |
| **CVSS Score** | 10.0 |
| **CWE** | CWE-78 |
| **Type** | OS Command Injection |
| **Impact** | Remote Code Execution |
| **Affected Product** | Samba |
| **Disclosure Year** | 2026 |
---
## Root Cause
The issue occurs when Samba is configured with a custom printing command similar to:
```ini
print command = lp -t %J %s
```
The `%J` parameter expands to the print job name supplied by a client.
If this value reaches a shell interpreter without proper escaping or validation, special characters may alter command execution behavior.
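
An added example, not part of the original advisory or of Samba's code: a small Python audit that lists every share in an `smb.conf` whose `print command` references `%J`, so that configurations matching the pattern above can be located. The sample configuration is constructed, the function names are hypothetical, and `include` files are not followed.

```python
import re

# Constructed sample configuration, not taken from a real server.
SAMPLE_SMB_CONF = """\
[global]
    printing = bsd
    # a comment mentioning %J must not be flagged
[safe_printer]
    print command = lpr -r -P%p %s

[risky_printer]
    Print  Command = lp -t %J \\
        %s
"""

def normalize(name):
    """smb.conf ignores case and whitespace in parameter names."""
    return re.sub(r"\s+", "", name).lower()

def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        start = start or num
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield start, (buf + raw).strip()
        buf, start = "", None
    if buf:
        yield start, buf.strip()

def find_job_name_in_print_command(text):
    """Return (section, line_number, value) for each print command using %J."""
    findings, section = [], None
    for num, line in logical_lines(text):
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        name, sep, value = line.partition("=")
        if sep and normalize(name) == "printcommand" and "%J" in value:
            findings.append((section, num, " ".join(value.split())))
    return findings

if __name__ == "__main__":
    for section, num, value in find_job_name_in_print_command(SAMPLE_SMB_CONF):
        print(f"[{section}] line {num}: print command = {value}")
```
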
---
## Potential Impact
Successful exploitation may allow an attacker to:
- Execute arbitrary operating system commands
- Access sensitive files
- Delete or modify data
- Deploy malware or backdoors
- Escalate privileges depending on service configuration
- Fully compromise the server
---
## Affected Versions
| Branch | Vulnerable Before |
|----------|------------------|
| 4.22.x |