OS Command Injection in electrum - CVE-2018-6353
Published: January 27, 2018 / Updated: August 8, 2020
Vulnerability identifier: #VU37581
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-6353
CWE-ID: CWE-78
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: spesmilo
Affected software:
electrum
electrum
Detailed vulnerability description
The vulnerability allows a local authenticated user to execute arbitrary code.
The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022.
How to mitigate CVE-2018-6353
Install update from vendor's website.