Unrated severityNVD Advisory· Published Jul 14, 2023· Updated Oct 30, 2024

CVE-2023-38336

Description

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

Affected products

rsh-client/netkit-rcpdescription
Debian/rsh-clientllm-create
Range: <=0.17-24

Patches

Vulnerability mechanics

References

bugs.debian.org/cgi-bin/bugreport.cgimitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000