Kopia CVE-2026-45695 (CVSS 9.8) Unauthenticated RCE
Kopia, a widely used open-source backup and restore tool, is affected by CVE-2026-45695, a critical unauthenticated remote code execution (RCE) vulnerability. This flaw, assigned a CVSS score of 9.8, results from an SSH ProxyCommand injection vulnerability within its HTTP server implementation. Security researchers recently identified this issue. Organizations deploying Kopia need to address it immediately.
The vulnerability allows unauthenticated users to execute arbitrary commands on the host system where the Kopia server runs. It is possible because of a lack of proper input validation and argument tokenization when processing user-supplied SFTP backend configurations. This occurs particularly when the server starts with the --without-password flag and listens on non-loopback interfaces. Its unauthenticated nature and straightforward execution make CVE-2026-45695 a high exploitation risk.
Successful exploitation grants an attacker full command execution privileges as the local Kopia process user. This can lead to serious consequences, including data compromise, system takeover, lateral movement, or other damage within an affected network. Organizations must immediately review their Kopia deployments and apply available patches to mitigate this threat.
What is CVE-2026-45695 and why is it critical?
CVE-2026-45695 is an unauthenticated remote code execution (RCE) vulnerability found in the Kopia open-source backup and restore tool. It holds a critical CVSS score of 9.8, signifying maximum severity. The vulnerability is critical because it permits command execution on the host system and requires no prior authentication, triggering with a single HTTP request, which makes it attractive to attackers.
The cause is a command injection flaw within Kopia's HTTP server when handling SFTP backend configurations. Specifically, if the Kopia HTTP server starts with the --without-password flag and an SFTP backend with external SSH is enabled, an attacker can inject arbitrary shell commands. These commands execute via the OpenSSH ProxyCommand directive during the attempt to establish an SFTP connection, even if the connection itself fails. A detailed technical breakdown of CVE-2026-45695 is available in our prior analysis.
Impact
An attacker successfully exploiting CVE-2026-45695 can achieve remote code execution on the server hosting the Kopia application. This capability has serious implications, potentially impacting the confidentiality, integrity, and availability of data and systems. The attacker gains the ability to run commands as the user under which the Kopia process operates, typically a privileged service account.
The primary risks are:
- Data Exfiltration: Kopia, as a backup tool, has access to system data and potentially sensitive user files. An RCE vulnerability allows an attacker to access, copy, and exfiltrate this backup data, leading to data breaches.
- System Compromise and Lateral Movement: With command execution on the backup server, an attacker can install persistent backdoors, establish command and control (C2) channels, deploy additional malicious payloads, or modify system configurations. This allows further attacks, enabling lateral movement within the compromised network and targeting other systems.
- Ransomware Deployment: The ability to execute arbitrary commands makes the server susceptible to ransomware attacks. Attackers can encrypt backups or the entire system, rendering data inaccessible and disrupting business operations.
- Resource Abuse: Compromised servers can be used for cryptojacking, denial-of-service (DoS) attacks against other targets, or to participate in botnets.
- Supply Chain Implications: If Kopia is used in software development or deployment pipelines, compromise of the backup server could inadvertently affect other stages of the software supply chain, introducing vulnerabilities or malicious code into downstream products.
Any organization using Kopia in an unpatched and vulnerable configuration is at serious risk. The unauthenticated nature of the vulnerability means attackers do not require any prior credentials or legitimate access to the system, making exploitation easier. The direct consequences of RCE require urgent patching and mitigation efforts.
Exploitation chain
The exploitation chain for CVE-2026-45695 uses a command injection vulnerability within the Kopia HTTP server's handling of SFTP backend configurations. This unauthenticated process can be triggered by a single HTTP request under specific conditions.
Successful exploitation involves these steps:
- Vulnerable Configuration: The Kopia HTTP server must run with the --without-password flag enabled and listen on a non-loopback network interface. This configuration allows the server to accept unauthenticated requests to its API endpoints.
- API Endpoint Interaction: An unauthenticated attacker sends a specially crafted malicious payload to the /api/v1/repo/exists API handler. This endpoint checks for repository existence.
- Malicious Payload as Storage Setup: The server processes the attacker-supplied payload, interpreting it as a user-defined storage setup configuration. If this configuration specifies an SFTP backend, the application prepares an SSH connection command.
- Argument Parsing Vulnerability: The core vulnerability lies in how Kopia's backend code parses incoming arguments for the SFTP configuration. It splits arguments using only literal space characters, lacking proper tokenization and strict input validation.
- ProxyCommand Injection: Due to deficient parsing, an attacker can append dangerous arguments directly into the configuration string. Inserting an -oProxyCommand= token into the SFTP connection parameters allows for command injection. OpenSSH, which handles the underlying SSH connection, treats this directive as an instruction to execute a specified command through the host shell.
- Unauthenticated Command Execution: The shell command specified within the ProxyCommand argument executes before OpenSSH attempts to establish a network connection to the target SFTP destination. This means the injected command executes successfully on the Kopia server, even if the SFTP target is unreachable or nonexistent.
- Remote Code Execution: The attacker gains full command execution privileges as the local Kopia process user. This entire process requires no user interaction and completes with a single HTTP request.
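The following Go example, added here and not taken from Kopia's source, contrasts the flawed pattern the chain above describes (splitting a user-supplied host field on literal spaces and passing every token to ssh) with a hardened builder that treats the field strictly as a hostname. The function names, the argv layout and the sample host strings are constructed for illustration; the hardened variant rejects option-like tokens and embedded whitespace, and additionally places the host after a "--" separator so ssh's option parser treats it as positional.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrUnsafeSSHArg is returned when a host field would reach ssh as anything
// other than a hostname (hypothetical error value, not Kopia's).
var ErrUnsafeSSHArg = errors.New("unsafe ssh argument")

// vulnerableSSHArgs reconstructs the flawed pattern from the advisory: the
// user-controlled host field is split on single spaces and every token is
// forwarded to ssh unchanged. Illustration only, not Kopia's code.
func vulnerableSSHArgs(hostField string) []string {
	tokens := strings.Split(hostField, " ")
	args := []string{"-s"} // request a subsystem ("sftp" is appended last)
	args = append(args, tokens...)
	return append(args, "sftp")
}

// isHostChar allows the characters a user@host[:port]-style target needs;
// anything else (spaces, quotes, '=' and so on) is rejected outright.
func isHostChar(r rune) bool {
	return r == '.' || r == '-' || r == '_' || r == '@' || r == ':' ||
		(r >= '0' && r <= '9') || (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z')
}

// hardenedSSHArgs validates the host field as data and never lets it become
// an option. The "--" separator is defence in depth: even if a dash slipped
// through, ssh would stop option parsing at that point.
func hardenedSSHArgs(hostField string) ([]string, error) {
	host := strings.TrimSpace(hostField)
	if host == "" {
		return nil, fmt.Errorf("%w: empty host", ErrUnsafeSSHArg)
	}
	if strings.HasPrefix(host, "-") {
		return nil, fmt.Errorf("%w: option-like host %q", ErrUnsafeSSHArg, host)
	}
	for _, r := range host {
		if !isHostChar(r) {
			return nil, fmt.Errorf("%w: character %q in host %q", ErrUnsafeSSHArg, r, host)
		}
	}
	return []string{"-s", "--", host, "sftp"}, nil
}

// hasProxyCommand reports whether an argv carries a ProxyCommand option in
// either the joined (-oProxyCommand=...) or split (-o ProxyCommand=...) form.
// OpenSSH option names are case-insensitive, so the check lower-cases them.
func hasProxyCommand(args []string) bool {
	for i, a := range args {
		l := strings.ToLower(a)
		if strings.HasPrefix(l, "-oproxycommand=") {
			return true
		}
		if l == "-o" && i+1 < len(args) &&
			strings.HasPrefix(strings.ToLower(args[i+1]), "proxycommand=") {
			return true
		}
	}
	return false
}

func main() {
	// Constructed inputs: a benign host and one smuggling an extra token.
	for _, field := range []string{"kopia@backup.internal", "backup.internal -oProxyCommand=CONSTRUCTED"} {
		v := vulnerableSSHArgs(field)
		fmt.Printf("vulnerable  %q -> ProxyCommand reaches ssh: %v\n", field, hasProxyCommand(v))
		if h, err := hardenedSSHArgs(field); err != nil {
			fmt.Printf("hardened    %q -> rejected: %v\n", field, err)
		} else {
			fmt.Printf("hardened    %q -> argv %q\n", field, h)
		}
	}
}
```

The hardened builder rejects the injected field at validation time, so the question of how ssh would parse the extra token never arises; the allow-list is the primary control and the "--" separator only backs it up.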
This class of vulnerabilities, specifically command injection leading to RCE, has been observed in various platforms. Our analysis of a command injection RCE flaw in Universal Robots and an OS command injection RCE vulnerability in TP-Link devices provides details. Understanding these attack vectors is important for strong defense.
Affected products and versions
The CVE-2026-45695 vulnerability impacts specific versions of the Kopia open-source backup and restore tool. Administrators must verify their current Kopia installation versions to determine exposure.
The following releases are vulnerable:
- Kopia installations running version 0.22.3 and all earlier builds.
Organizations utilizing any of these versions should upgrade immediately.
Detection
Detecting exploitation attempts or successful exploitation of CVE-2026-45695 requires comprehensive monitoring of network traffic, application logs, and system processes. Because the vulnerability is unauthenticated and allows direct remote code execution, indicators should be sought across multiple security layers.
Detection strategies include:
- HTTP Request Monitoring:
  - Monitor for HTTP POST requests to the /api/v1/repo/exists endpoint on Kopia servers.
  - Inspect request bodies for unusual or malformed SFTP configuration parameters, looking for the string -oProxyCommand= followed by arbitrary commands.
  - Identify requests from unexpected IP addresses or highly repetitive requests to this endpoint.
- System Process Monitoring:
  - Monitor process creation events on the host running the Kopia server.
  - Look for unexpected child processes spawned by the Kopia application process (e.g., kopia server).
  - Watch for executions of ssh or common shell interpreters and network utilities (e.g., bash, sh, nc, curl, wget, python, perl, php) as child processes of Kopia.
  - Analyze the command-line arguments of these spawned processes for suspicious activity, such as attempts to connect to unusual hosts, download files, execute system commands, or modify configurations.
- Network Activity Monitoring:
  - Monitor outbound network connections from the Kopia server, particularly those initiated by the Kopia user or process.
  - Look for connections to unusual or unauthorized external IP addresses, domains, non-standard ports, or unexpected protocols, which could indicate C2 communication, data exfiltration, secondary malware download, or other malicious activity.
  - Baseline normal Kopia network behavior to identify anomalies.
- Log Analysis:
  - Review Kopia server logs for errors or unusual entries related to repository existence checks (/api/v1/repo/exists) or SFTP backend configuration parsing. The vulnerability might not always log explicit injection errors, but abnormal entries could precede an attack.
  - Examine host system logs (e.g., syslog, auth.log, and auditd logs on Linux systems; Windows Event Logs for equivalent process creation and network activity) for signs of unusual command execution or SSH activity from the Kopia user. Look for process executions that do not align with normal backup operations.
- Endpoint Detection and Response (EDR) Queries:
  - Use EDR solutions to create detection rules for:
    - Process ancestry: kopia server spawning shell interpreters or ssh with suspicious arguments.
    - Network connections: Kopia process making outbound connections to untrusted destinations.
    - File modifications: Unexpected file creations or modifications by the Kopia user in sensitive system directories.
    - Registry changes: Unusual changes to system registry keys (for Windows, if applicable).
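The Go program below is an added example (not Kopia's code, and not a real EDR rule format) that turns the two most concrete detection ideas above into runnable checks: flagging POST bodies to /api/v1/repo/exists that carry a ProxyCommand directive, and flagging children of the kopia server process that are listed utilities or an ssh invocation carrying ProxyCommand. The event structs, field names and all sample events are constructed; the JSON bodies are placeholders and do not reproduce Kopia's actual request schema.

```go
package main

import (
	"fmt"
	"strings"
)

// RequestEvent is a constructed, minimal view of an HTTP request as a reverse
// proxy or WAF in front of Kopia might log it. Field names are assumptions.
type RequestEvent struct {
	SourceIP string
	Method   string
	Path     string
	Body     string
}

// ProcEvent is a constructed process-creation record (parent command line,
// child executable name, child command line) as auditd or an EDR might emit.
type ProcEvent struct {
	ParentCmd string
	ChildExe  string
	ChildCmd  string
}

// suspiciousChildren lists the interpreters and utilities the advisory names
// as unexpected children of the Kopia process.
var suspiciousChildren = map[string]bool{
	"bash": true, "sh": true, "nc": true, "curl": true, "wget": true,
	"python": true, "perl": true, "php": true,
}

// detectRequest flags a POST to the repo-existence endpoint whose body carries
// a ProxyCommand directive. The match is case-insensitive because OpenSSH
// option names are; "-oProxyCommand=" is the form the advisory names.
func detectRequest(e RequestEvent) (string, bool) {
	if e.Method != "POST" || e.Path != "/api/v1/repo/exists" {
		return "", false
	}
	if strings.Contains(strings.ToLower(e.Body), "proxycommand") {
		return fmt.Sprintf("ProxyCommand directive in %s body from %s", e.Path, e.SourceIP), true
	}
	return "", false
}

// detectProcess flags children of "kopia server" that are listed utilities or
// an ssh invocation carrying ProxyCommand. A plain ssh child is expected when
// an external-SSH SFTP backend is in use, so ssh on its own is not flagged.
func detectProcess(e ProcEvent) (string, bool) {
	if !strings.HasPrefix(e.ParentCmd, "kopia server") {
		return "", false
	}
	switch {
	case e.ChildExe == "ssh" && strings.Contains(strings.ToLower(e.ChildCmd), "proxycommand"):
		return "kopia server spawned ssh with ProxyCommand: " + e.ChildCmd, true
	case suspiciousChildren[e.ChildExe]:
		return "kopia server spawned " + e.ChildExe + ": " + e.ChildCmd, true
	}
	return "", false
}

// scan runs both detectors and returns every alert message in input order.
func scan(reqs []RequestEvent, procs []ProcEvent) []string {
	var alerts []string
	for _, r := range reqs {
		if msg, hit := detectRequest(r); hit {
			alerts = append(alerts, msg)
		}
	}
	for _, p := range procs {
		if msg, hit := detectProcess(p); hit {
			alerts = append(alerts, msg)
		}
	}
	return alerts
}

// sampleRequests returns constructed traffic: one benign check, one carrying
// the injection marker, one unrelated GET.
func sampleRequests() []RequestEvent {
	return []RequestEvent{
		{"10.0.0.5", "POST", "/api/v1/repo/exists", `{"storage":{"type":"sftp","host":"backup.internal"}}`},
		{"203.0.113.9", "POST", "/api/v1/repo/exists", `{"storage":{"type":"sftp","host":"backup.internal -oProxyCommand=CONSTRUCTED"}}`},
		{"10.0.0.5", "GET", "/api/v1/repo/status", ""},
	}
}

// sampleProcesses returns constructed process events: a legitimate ssh child,
// an ssh child with ProxyCommand, a shell child, and an unrelated parent.
func sampleProcesses() []ProcEvent {
	return []ProcEvent{
		{"kopia server start --without-password", "ssh", "ssh -s backup.internal sftp"},
		{"kopia server start --without-password", "ssh", "ssh -s backup.internal -oProxyCommand=CONSTRUCTED sftp"},
		{"kopia server start --without-password", "bash", "bash -c CONSTRUCTED"},
		{"sshd: operator [priv]", "bash", "bash"},
	}
}

func main() {
	for _, a := range scan(sampleRequests(), sampleProcesses()) {
		fmt.Println("ALERT:", a)
	}
}
```

Baselining matters for the process rule: on a host that uses the external-SSH SFTP backend, ssh children of kopia server are routine, so the rule keys on the ProxyCommand argument rather than on ssh itself, while any of the listed shells or download utilities under kopia server is treated as anomalous.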
Remediation
Immediate remediation is necessary to protect systems from CVE-2026-45695. The main method of remediation is to apply the official security patch. If immediate patching is not feasible, temporary mitigations can reduce the attack surface.
- Patching to a Secured Version:
  - Upgrade Kopia installations to version 0.23.0 or above. These versions contain the official security fix for the ProxyCommand injection vulnerability. This is the most effective remediation.
  - Verify the upgrade by checking the Kopia version after installation to confirm it is 0.23.0 or higher.
- Temporary Mitigations (if immediate patching is not possible):
  - Disable --without-password on Non-Loopback Interfaces: The official code patch in Kopia 0.23.0 introduces a safeguard that disallows starting a server without an active password configuration if it listens on any non-loopback network interface. For vulnerable versions, ensure the Kopia HTTP server is never started with the --without-password flag if it is accessible from external or non-loopback network interfaces.
  - Restrict Network Access: If the --without-password flag must be used for specific operational requirements, configure firewall rules to strictly limit access to the Kopia HTTP server port (typically 51515) only to trusted internal IP addresses or localhost (127.0.0.1). This reduces external exposure.
  - Disable SFTP Backend with External SSH: If the SFTP backend functionality with external SSH is not strictly required, disable it. This removes the attack vector that relies on ProxyCommand injection.
  - Implement Principle of Least Privilege: Ensure the user account running the Kopia server process has the minimum necessary privileges. This limits the impact of a successful RCE, although it does not prevent initial execution.
- Continuous Monitoring:
  - After implementing patches or mitigations, maintain continuous monitoring as outlined in the detection section.
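As an added illustration of the startup safeguard described under "Disable --without-password on Non-Loopback Interfaces", the Go code below refuses to start a password-less listener on anything other than a loopback address. It is not Kopia's implementation: the function names, the error value and the treatment of "localhost" are assumptions, and the port 51515 in the samples is simply the default the advisory mentions. Operators running a vulnerable version can apply the same rule by hand before starting the server.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// ErrUnsafeListener is returned when a password-less server would be exposed
// beyond loopback (hypothetical error value).
var ErrUnsafeListener = errors.New("refusing to serve without a password on a non-loopback address")

// listenerIsLoopbackOnly reports whether a host:port bind address can only be
// reached from the local machine. An empty host (":51515") binds every
// interface and is therefore not loopback; "localhost" is accepted as a name.
func listenerIsLoopbackOnly(addr string) (bool, error) {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return false, err
	}
	if host == "" {
		return false, nil
	}
	if host == "localhost" {
		return true, nil
	}
	ip := net.ParseIP(host)
	if ip == nil {
		// Names other than localhost are not resolved here; treat as unsafe
		// rather than guessing (conservative choice for a safeguard).
		return false, fmt.Errorf("host %q is not an IP literal or localhost", host)
	}
	return ip.IsLoopback(), nil
}

// checkServerStartup mirrors the safeguard the advisory attributes to the fix:
// a server started without a password may only listen on loopback.
func checkServerStartup(addr string, withoutPassword bool) error {
	if !withoutPassword {
		return nil
	}
	loopback, err := listenerIsLoopbackOnly(addr)
	if err != nil {
		return err
	}
	if !loopback {
		return fmt.Errorf("%w: %s", ErrUnsafeListener, addr)
	}
	return nil
}

func main() {
	// Constructed bind addresses an operator might pass to the server.
	for _, addr := range []string{"127.0.0.1:51515", "[::1]:51515", "0.0.0.0:51515", ":51515", "192.0.2.10:51515"} {
		if err := checkServerStartup(addr, true); err != nil {
			fmt.Printf("%-18s blocked: %v\n", addr, err)
		} else {
			fmt.Printf("%-18s allowed (loopback only)\n", addr)
		}
	}
}
```

The check is deliberately conservative: a hostname that is not "localhost" is rejected instead of resolved, because a DNS answer at startup is not a reliable statement about which interfaces the socket will actually bind.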
Technical Takeaways
- CVE-2026-45695 is an unauthenticated remote code execution vulnerability in Kopia, with a CVSS score of 9.8.
- The flaw impacts Kopia versions 0.22.3 and all earlier builds when the HTTP server starts with the --without-password flag and uses an SFTP backend with external SSH.
- Exploitation occurs via command injection through the /api/v1/repo/exists API endpoint, using OpenSSH's ProxyCommand directive due to improper argument parsing.
- Successful exploitation grants an unauthenticated attacker remote command execution privileges as the Kopia process user, which can lead to data exfiltration, system compromise, ransomware deployment, or other damage.
- Remediation requires upgrading Kopia to version 0.23.0 or higher. Temporary mitigations include avoiding the --without-password flag on externally accessible interfaces and restricting network access to the Kopia HTTP server.