Description
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in the allowscp permission that can result in local command execution. This attack appears to be exploitable by an authorized SSH user with the allowscp permission.
References (13)
Exploit, Third Party Advisory: https://esnet-security.github.io/vulnerabilities/20190115_rssh
Mailing List, Third Party Advisory: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HO3MDU3AH5SLYBKHH5PJ6PHC63ASIF42/
Mailing List, Third Party Advisory: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KR2OHTHMJVV4DO3HDRFQQZ5JENHDJQEN/
Mailing List, Third Party Advisory: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T42YYNWJZG422GATWAHAEK4A24OKY557/
Third Party Advisory (vendor-advisory): https://www.debian.org/security/2019/dsa-4377
Mailing List, Third Party Advisory (mailing-list): https://lists.debian.org/debian-lts-announce/2019/01/msg00027.html
Third Party Advisory (vendor-advisory): https://usn.ubuntu.com/3946-1/
Third Party Advisory (vendor-advisory): https://security.gentoo.org/glsa/202007-29
Mailing List, Not Applicable, Third Party Advisory (mailing-list): http://seclists.org/fulldisclosure/2021/May/78
Scores
CVSS v3: 7.8
EPSS: 0.0029
EPSS Percentile: 51.8%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-77
Status: published
Products (10)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 18.10
debian/debian_linux 8.0
debian/debian_linux 9.0
fedoraproject/fedora 29
fedoraproject/fedora 30
fedoraproject/fedora 31
pizzashack/rssh 2.3.4
Published: Feb 04, 2019
Tracked Since: Feb 18, 2026