Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.
6.9AI Score
0.006EPSS
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
9.8CVSS
9.2AI Score
0.009EPSS
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
9.8CVSS
9.3AI Score
0.009EPSS