| Vulnerability Name: | CVE-2020-15121 (CCN-185666) | ||||||||||||
| Assigned: | 2020-05-24 | ||||||||||||
| Published: | 2020-05-24 | ||||||||||||
| Updated: | 2022-01-04 | ||||||||||||
| Summary: | In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory. | ||||||||||||
| CVSS v3 Severity: | 9.6 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H) 8.3 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-78 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-15121 Source: XF Type: UNKNOWN radare2-cve202015121-command-exec(185666) Source: MISC Type: Patch, Third Party Advisory https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 Source: CCN Type: radare2 GIT Repository Command injection across r_sys_cmd* #16945 Source: MISC Type: Third Party Advisory https://github.com/radareorg/radare2/issues/16945 Source: MISC Type: Third Party Advisory https://github.com/radareorg/radare2/pull/16966 Source: CONFIRM Type: Third Party Advisory https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358 Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2020-aa51efe207 Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2020-d5b33b6e6c | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||