Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/07/2023 Updated: 27/07/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netkit netkit 0.17-24

Debian Bug report logs - #1039689 rsh-client: CVE-2023-38336: Command injection in netkit-rcp Package: rsh-client; Maintainer for rsh-client is Debian QA Group <packages@qadebianorg>; Source for rsh-client is src:netkit-rsh (PTS, buildd, popcon) Reported by: Jeffrey Bencteux <jeffbencteux@gmailcom> Date: Wed, 28 J ...

CWE-77 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-38336

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect