Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
KiTTY 命令注入漏洞
Vulnerability Description
KiTTY是一个轻量级的telnet和WindowsSSH客户端,以及一个基于PuTTY的xword终端模拟器。 KiTTY 0.76.1.13及之前版本存在命令注入漏洞,该漏洞源于输入清理和验证不足、无法转义特殊字符以及不安全的系统调用,从而导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A