An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allows attackers to use shell metacharacters (e.g., backticks "``" or dollar parenthesis "$()" ) in order to escape the current command and execute arbitrary shell commands.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HMitre Caldera
APPMitre≤ 2.8.1
Powiązane podatności
An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that execute commands wh...
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-adm...
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when gen...
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated atta...
MITRE CALDERA 4.1.0 allows stored XSS via app.contact.gist (aka the gist contact configuration field), leading...