CVE-2015-9059

Sažetak

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely.

Reference

https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
https://lists.debian.org/debian-lts-announce/2020/06/msg00030.html

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

28-06-2020 - 17:15

Objavljeno

28-05-2017 - 00:29