Remote code execution in rxvt-unicode



Published: 2023-01-04
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-4170
CWE-ID CWE-74
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		rxvt-unicode
Other software / Other software solutions

Vendor rxvt-unicode

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper Neutralization of Special Elements in Output Used by a Downstream Component

EUVDB-ID: #VU70670

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4170

CWE-ID: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper input validation in the Perl background extension. A remote attacker can pass specially crafted input to the application and execute arbitrary commands in the victim's terminal when certain configuration is used.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rxvt-unicode: 9.0 - 9.29

External links

http://bugzilla.redhat.com/show_bug.cgi?id=2151597
http://www.openwall.com/lists/oss-security/2022/12/05/1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###