← Volver a CVEs
CVE-2022-46387
CRITICAL9.8
Descripcion
ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/28/2023
Ultima modificacion2/19/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
cmder:cmdermaximus5:conemu
Debilidades (CWE)
CWE-116
Referencias
https://gist.github.com/dgl/05ca60cdc7efc9e47bbc58d0c952635e(cve@mitre.org)
https://github.com/cmderdev/cmder/blob/master/CHANGELOG.md(cve@mitre.org)
https://gist.github.com/dgl/05ca60cdc7efc9e47bbc58d0c952635e(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cmderdev/cmder/blob/master/CHANGELOG.md(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.