Описание
A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Galactic Geochelone ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, escalate privileges, and obtain sensitive information due to the way ROS2 handles shell command execution in components like command interpreters or interfaces that process external inputs.
A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Galactic Geochelone ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, escalate privileges, and obtain sensitive information due to the way ROS2 handles shell command execution in components like command interpreters or interfaces that process external inputs.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-30694
- https://github.com/yashpatelphd/CVE-2024-30691
- http://www.openwall.com/lists/oss-security/2024/04/23/2
- http://www.openwall.com/lists/oss-security/2024/04/23/3
- http://www.openwall.com/lists/oss-security/2024/04/23/4
- http://www.openwall.com/lists/oss-security/2024/04/23/5
CVE ID
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.