Lucene search
HistoryMar 28, 2023 - 8:15 p.m.
CVE-2022-46387
conemu
cmder
terminal title
execute commands
cve-2022-46387
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.9%
ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.
Affected configurations
Node
cmdercmderRange<1.3.2
Node
maximus5conemuRange≤22.08.07
Related
cve
cve
CVE-2022-46387
2023-03-28 20:15:10
CVE-2023-39150
2023-09-12 13:15:07
prion
prion
Command injection
2023-03-28 20:15:00
Remote code execution
2023-09-12 13:15:00
osv
osv
CVE-2022-46387
2023-03-28 20:15:10
CVE-2023-39150
2023-09-12 13:15:07
cvelist
cvelist
CVE-2022-46387
2023-03-28 00:00:00
CVE-2023-39150
2023-09-12 00:00:00
vulnrichment
vulnrichment
CVE-2023-39150
2023-09-12 00:00:00
nvd
nvd
CVE-2023-39150
2023-09-12 13:15:07
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.9%
Related for NVD:CVE-2022-46387