Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root.
References
Link | Resource |
---|---|
https://github.com/afaqurk/linux-dash/issues/447 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/afaqurk/linux-dash/issues/447 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 03:04
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/afaqurk/linux-dash/issues/447 - Exploit, Issue Tracking, Patch, Third Party Advisory |
Information
Published : 2018-01-03 20:29
Updated : 2024-11-21 03:04
NVD link : CVE-2017-1000473
Mitre link : CVE-2017-1000473
CVE.ORG link : CVE-2017-1000473
JSON object : View
Products Affected
linux-dash_project
- linux-dash
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')