CVE-2002-1898

Terminal < 1.3.1 - Remote Code Execution via Telnet URL Handler

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1898. PoCs published by Taiyo Fujii.

AI-analyzed exploit summary This exploit leverages improper handling of telnet:// URIs in Mac OS X to execute arbitrary commands via embedded shell metacharacters. Clicking a crafted link (e.g., telnet://|ls -la) triggers command execution in Terminal.app with the user's privileges.

Description

Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Taiyo Fujii · textlocalosx
https://www.exploit-db.com/exploits/21815

This exploit leverages improper handling of telnet:// URIs in Mac OS X to execute arbitrary commands via embedded shell metacharacters. Clicking a crafted link (e.g., telnet://|ls -la) triggers command execution in Terminal.app with the user's privileges.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Mac OS X (versions affected in 2002)
No auth needed
Prerequisites: User interaction (clicking a malicious link) · Terminal.app configured as the default handler for telnet:// URIs
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List, Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2002/Sep/msg00001.html
Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5768
Broken Link, Patch vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10156.php

Scores

EPSS 0.0317
EPSS Percentile 86.4%

Details

CWE
CWE-78
Status published
Products (1)
apple/terminal < 1.3.1
Published Dec 31, 2002
Tracked Since Feb 18, 2026