Description
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as those in an injected string:/home/../tmp/* argument).
References (2)
Core References
Patch, Technical Description x_refsource_misc
https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
Mailing List, Technical Description x_refsource_misc
http://www.openwall.com/lists/oss-security/2018/06/18/1
Scores
CVSS v3: 9.8
EPSS: 0.0038
EPSS Percentile: 59.2%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-20
Status: published
Products (1): cantata_project/cantata < 2.3.1
Published: Jun 19, 2018
Tracked Since: Feb 18, 2026