• Sign in

CVE-2015-9059

    CVE-2015-9059  
Description picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely.
Impact
  CVSS v3 : 9.8 CRITICAL  

  CVSS v2 : 10 HIGH  
Type
  CWE-77  
Attack Vector
CVSSv2 Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C
Quick linksCVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References
https://github.com/npat-efault/picocom/commit/1ebc60b20fbe9a02436d5cbbf8951714e749ddb1
https://lists.debian.org/debian-lts-announce/2020/06/msg00030.html
  • FAQ
  • Terms of service
  • Privacy policy