CVE-2020-15121
moderate-risk
Published 2020-07-20
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
Do I need to act?
-
0.59% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10
High
NETWORK
/ LOW complexity
Affected Vendors
References (12)
Third Party Advisory
https://github.com/radareorg/radare2/issues/16945
Third Party Advisory
https://github.com/radareorg/radare2/pull/16966
Third Party Advisory
https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358
Third Party Advisory
https://github.com/radareorg/radare2/issues/16945
Third Party Advisory
https://github.com/radareorg/radare2/pull/16966
Third Party Advisory
https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358
37
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
2/34 · Minimal
Exposure
9/34 · Low