Описание
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
Ссылки
- Broken Link
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.3 (включая)
cpe:2.3:a:neurobin:shc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00048
Низкий
5.3 Medium
CVSS3
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-77
CWE-78
Связанные уязвимости
CVSS3: 5.3
github
6 месяцев назад
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
EPSS
Процентиль: 15%
0.00048
Низкий
5.3 Medium
CVSS3
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-77
CWE-78