Описание
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
Уязвимые конфигурации
Конфигурация 1Версия до 2.5.1 (включая)
Одно из
cpe:2.3:a:giorgio_tani:peazip:*:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.0:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.1:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.2:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.3:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.4:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.5:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.6:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.7:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.8:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.8.1:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.8.2:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.9:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.9.1:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.9.2:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.9.3:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.10:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:1.11:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.0:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.1:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.2:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.3a:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.4:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.4.1:-:windows:*:*:*:*:*
cpe:2.3:a:giorgio_tani:peazip:2.6.1:-:windows:*:*:*:*:*
EPSS
Процентиль: 99%
0.70587
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
EPSS
Процентиль: 99%
0.70587
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-20