Arbitrary command execution via improper escaping of the HTTP method in the Devtools 'Copy as cURL' feature
Description
The 'Copy as cURL' feature in the Devtools network panel does not properly escape the HTTP method of a request, and the method string is chosen by the website (a page can send a custom method through fetch() or XMLHttpRequest; the RFC 7230 token grammar admits shell-significant characters such as the backtick, `$`, `&`, `|` and `'`). If a user invokes 'Copy as cURL' on such a request and pastes the resulting command into a terminal, the unescaped method is interpreted by the shell, resulting in command injection and arbitrary command execution. The attack needs the victim to paste the copied command, so it requires user interaction.
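As an added illustration, which is not Firefox's devtools code and not the fix Mozilla shipped, the following JavaScript builds a cURL command line the way a naive exporter would (URL and headers quoted, method inserted raw), beside a hardened builder that shell-quotes every request component, and runs both through a simplified POSIX quoting scanner to show where the method ends up. The request object, the example URL and the backtick-bearing method name are constructed for this example; the backtick is a legal RFC 7230 token character, which is why a page can send such a method through fetch() and see it appear in the network panel.

```javascript
// Added example: vulnerable vs. hardened "Copy as cURL" builder.
// Not Firefox's own code; the request below is constructed for the demo.

// RFC 7230 'token' grammar, i.e. what fetch()/XHR accept as a method name.
// Note that ` $ & | ' are all legal token characters.
const TCHAR = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
function isHttpToken(s) {
  return TCHAR.test(s);
}

// POSIX single-quote escaping: wrap in '...' and turn each ' into '\''.
// Inside single quotes the shell performs no expansion at all.
function shellQuote(s) {
  return "'" + String(s).replace(/'/g, "'\\''") + "'";
}

// Vulnerable builder: quotes the URL, headers and body but trusts the method.
function buildCurlVulnerable(req) {
  const parts = ["curl", shellQuote(req.url)];
  parts.push("-X " + req.method); // raw, site-controlled string
  for (const [k, v] of Object.entries(req.headers || {})) {
    parts.push("-H " + shellQuote(`${k}: ${v}`));
  }
  if (req.body) parts.push("--data-raw " + shellQuote(req.body));
  return parts.join(" ");
}

// Hardened builder: every request-derived component goes through shellQuote.
function buildCurlSafe(req) {
  const parts = ["curl", shellQuote(req.url)];
  parts.push("-X " + shellQuote(req.method));
  for (const [k, v] of Object.entries(req.headers || {})) {
    parts.push("-H " + shellQuote(`${k}: ${v}`));
  }
  if (req.body) parts.push("--data-raw " + shellQuote(req.body));
  return parts.join(" ");
}

// Simplified POSIX shell scanner. Splits a command line into words the way
// sh would and reports whether a command substitution (` or $( ) or a command
// separator (; & |) occurs outside single quotes, i.e. would be executed.
function scanShellCommand(cmd) {
  const words = [];
  let cur = "";
  let inWord = false;
  let mode = "none"; // "none" | "single" | "double"
  let injected = false;
  for (let i = 0; i < cmd.length; i++) {
    const c = cmd[i];
    if (mode === "single") {
      if (c === "'") mode = "none";
      else cur += c;
      continue;
    }
    if (mode === "double") {
      if (c === '"') { mode = "none"; continue; }
      if (c === "\\" && i + 1 < cmd.length && '$`"\\'.includes(cmd[i + 1])) {
        cur += cmd[++i];
        continue;
      }
      if (c === "`" || (c === "$" && cmd[i + 1] === "(")) injected = true;
      cur += c;
      continue;
    }
    // unquoted context
    if (c === "\\" && i + 1 < cmd.length) { cur += cmd[++i]; inWord = true; continue; }
    if (c === "'") { mode = "single"; inWord = true; continue; }
    if (c === '"') { mode = "double"; inWord = true; continue; }
    if (c === " " || c === "\t" || c === "\n") {
      if (inWord) { words.push(cur); cur = ""; inWord = false; }
      continue;
    }
    if (c === "`" || (c === "$" && cmd[i + 1] === "(") || ";&|".includes(c)) injected = true;
    cur += c;
    inWord = true;
  }
  if (inWord) words.push(cur);
  return { words, injected };
}

// Constructed request: a page issued fetch(url, { method: "GET`id`" }).
const SAMPLE_REQUEST = {
  url: "https://example.test/api",
  method: "GET`id`",
  headers: { "X-Test": "1" },
};

console.log("method is a valid HTTP token:", isHttpToken(SAMPLE_REQUEST.method));
console.log("vulnerable:", buildCurlVulnerable(SAMPLE_REQUEST));
console.log("  ->", scanShellCommand(buildCurlVulnerable(SAMPLE_REQUEST)));
console.log("hardened:  ", buildCurlSafe(SAMPLE_REQUEST));
console.log("  ->", scanShellCommand(buildCurlSafe(SAMPLE_REQUEST)));
```

The scanner is the check a reviewer of an "export as shell command" feature actually wants: any component that is not a compile-time literal must come out of the scanner as a single word with `injected` false, regardless of which characters the source (here, the website) put into it. Quoting only the fields that "look dangerous" is how this class of bug arises.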
Affected software versions
- Thunderbird before 68.6
- Firefox before 74
- Firefox ESR before 68.6
Vulnerability type
- Command injection
- Arbitrary code execution
Scores
- CVSS3: 8.8 High
- CVSS2: 6.8 Medium
Related vulnerabilities
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.