CVE-2008-3076

Vim - OS Command Injection via Netrw Plugin Filename Handling

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3076. PoCs published by Jan Minar.

AI-analyzed exploit summary: The provided text describes a command-execution vulnerability in Netrw 125 due to insufficient input sanitization. It references a security advisory and a link to an exploit archive but does not contain actual exploit code.

Description

The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jan Minar · text · remote · linux
https://www.exploit-db.com/exploits/32012

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Netrw 125
No auth needed
Prerequisites: User interaction to execute malicious input in Netrw
devstral-2 · analyzed Feb 16, 2026

References (16)

Core References
Exploit mailing-list x_refsource_mlist
http://marc.info/?l=oss-security&m=122416184431388&w=2
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.rdancer.org/vulnerablevim-netrw.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0580.html
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/20/2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34418
Exploit mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/07/1
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30115
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.rdancer.org/vulnerablevim-netrw.v2.html
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=121494431426308&w=2
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/08/12
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43624
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/07/07/4
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236

Scores

EPSS: 0.0902
EPSS Percentile: 94.6%

Details

CWE: CWE-78
Status: published
Products (1): vim/vim 7.2a.10
Published: Feb 21, 2009
Tracked Since: Feb 18, 2026