A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an malicious user to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an malicious user to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling malicious users to execute arbitrary code on the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
haxx curl |
||
fedoraproject fedora 36 |
||
netapp active iq unified manager - |
||
netapp clustered data ontap 9.0 |
||
netapp h300s_firmware - |
||
netapp h500s_firmware - |
||
netapp h700s_firmware - |
||
netapp h410s_firmware - |
||
splunk universal forwarder 9.1.0 |
||
splunk universal forwarder |