Описание
ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.
Ссылки
- Third Party Advisory
- Release Notes
- Third Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.2 (исключая)
cpe:2.3:a:cmder:cmder:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 22.08.07 (включая)
cpe:2.3:a:maximus5:conemu:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00156
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-116
Связанные уязвимости
CVSS3: 9.8
github
почти 3 года назад
ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.
EPSS
Процентиль: 37%
0.00156
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-116