CVE-2017-1000473
HIGHlinux-dash < 2.0 - OS Command Injection via Module Name Parsing
Title source: llmDescription
Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/afaqurk/linux-dash/issues/447
Scores
CVSS v3
7.8
EPSS
0.0109
EPSS Percentile
61.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
linux-dash_project/linux-dash
< 2.0
Published
Jan 03, 2018
Tracked Since
Feb 18, 2026