VYPR
High severity7.8NVD Advisory· Published Jan 20, 2018· Updated Jun 17, 2026

CVE-2017-15108

CVE-2017-15108

Description

spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.