Unrated severityNVD Advisory· Published Jan 7, 2014· Updated Apr 29, 2026

CVE-2013-6881

Description

CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.

Affected products

Cru Inc/Ditto Forensic Fieldstation
cpe:2.3:h:cru-inc:ditto_forensic_fieldstation:-:*:*:*:*:*:*:*
Cru Inc/Ditto Forensic Fieldstation Firmware
cpe:2.3:o:cru-inc:ditto_forensic_fieldstation_firmware:*:*:*:*:*:*:*:*
Range: <=2013jun30a

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.htmlnvdExploit
seclists.org/fulldisclosure/2013/Dec/80nvdExploit
www.exploit-db.com/exploits/30396nvdExploit
secunia.com/advisories/55989nvdVendor Advisory
www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/nvdVendor Advisory
www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.030
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000