CVE-2017-1000473

Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root.
References
Link Resource
https://github.com/afaqurk/linux-dash/issues/447 Exploit Issue Tracking Patch Third Party Advisory
https://github.com/afaqurk/linux-dash/issues/447 Exploit Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:linux-dash_project:linux-dash:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:04

Type Values Removed Values Added
References () https://github.com/afaqurk/linux-dash/issues/447 - Exploit, Issue Tracking, Patch, Third Party Advisory () https://github.com/afaqurk/linux-dash/issues/447 - Exploit, Issue Tracking, Patch, Third Party Advisory

Information

Published : 2018-01-03 20:29

Updated : 2024-11-21 03:04


NVD link : CVE-2017-1000473

Mitre link : CVE-2017-1000473

CVE.ORG link : CVE-2017-1000473


JSON object : View

Products Affected

linux-dash_project

  • linux-dash
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')