CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

History

21 Nov 2024, 05:04

Type Values Removed Values Added
CVSS v2 : 6.8
v3 : 9.6
v2 : 6.8
v3 : 7.4
References () https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 - Patch, Third Party Advisory () https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 - Patch, Third Party Advisory
References () https://github.com/radareorg/radare2/issues/16945 - Third Party Advisory () https://github.com/radareorg/radare2/issues/16945 - Third Party Advisory
References () https://github.com/radareorg/radare2/pull/16966 - Third Party Advisory () https://github.com/radareorg/radare2/pull/16966 - Third Party Advisory
References () https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358 - Third Party Advisory () https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358 - Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/ -

07 Nov 2023, 03:17

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/', 'name': 'FEDORA-2020-aa51efe207', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/', 'name': 'FEDORA-2020-d5b33b6e6c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/ -

Information

Published : 2020-07-20 18:15

Updated : 2024-11-21 05:04


NVD link : CVE-2020-15121

Mitre link : CVE-2020-15121

CVE.ORG link : CVE-2020-15121


JSON object : View

Products Affected

radare

  • radare2

fedoraproject

  • fedora
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')