Glances, an open-source cross-platform system monitoring tool, contains a path traversal vulnerability in versions >=4.0.8 and <4.5.5. The secure_popen() function in glances/secure.py processes shell command strings containing redirection (>), pipe (|), and command chaining (&&) operators without sanitizing the inputs. When Application Monitoring Process (AMP) modules load command or service_cmd values from the glances.conf configuration file, these unsanitized values are passed directly to secure_popen(). This allows an attacker with the ability to modify the configuration file to write arbitrary content to arbitrary filesystem locations, execute chained commands, or pipe command output to arbitrary programs. The vulnerability is addressed in Glances version 4.5.5.

Successful exploitation allows an attacker with write access to the Glances configuration file to perform arbitrary file writes, execute arbitrary chained commands, and pipe command outputs to arbitrary programs. This can lead to full system compromise with high confidentiality, integrity, and availability impact as indicated by the CVSS score of 7.8.

A fixed version of Glances is available at 4.5.5. Users should upgrade to version 4.5.5 or later to remediate this vulnerability. Since the vulnerability requires the attacker to modify the Glances configuration file, restricting write access to this file is also a recommended security measure. Patch status is not explicitly stated in the vendor advisory, but the description confirms the issue is fixed in 4.5.5.