Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
ksh 命令注入漏洞
Vulnerability Description
ksh是个人开发者的一种 Shell 语言。 ksh 20120801版本中存在命令注入漏洞。远程攻击者利用该漏洞覆盖或绕过环境限制来执行shell命令。
CVSS Information
N/A
Vulnerability Type
N/A