VYPR
Unrated severityNVD Advisory· Published Dec 5, 2014· Updated Jun 17, 2026

CVE-2014-8990

CVE-2014-8990

Description

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Lsyncd/lsyncd2 versions
    cpe:2.3:a:lsyncd_project:lsyncd:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:lsyncd_project:lsyncd:*:*:*:*:*:*:*:*range: <=2.1.5
    • (no CPE)range: <=2.1.5
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.