Description
In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables.
Exploits (1)
References (6)
Exploit, Third Party Advisory (x_refsource_misc): https://bananamafia.dev/post/r2-pwndebian/
Patch, Third Party Advisory (x_refsource_misc): https://github.com/radare/radare2/pull/14690
Release Notes (x_refsource_misc): https://github.com/radare/radare2/releases/tag/3.7.0
Mailing List, Third Party Advisory, vendor advisory (x_refsource_fedora): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQO7V37RGQEKZDLY2JYKDZTLNN2YUBC5/
Mailing List, Third Party Advisory, vendor advisory (x_refsource_fedora): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGA2PVBFA6VPWWLMBGWVBESHAJBQ7OXJ/
Mailing List, Third Party Advisory, vendor advisory (x_refsource_fedora): https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETWG4VKHWL5F74L3QBBKSCOXHSRNSRRT/
Scores
CVSS v3: 7.8
EPSS: 0.0708
EPSS Percentile: 91.6%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE: CWE-77
Status: published
Products (4)
fedoraproject/fedora 29
fedoraproject/fedora 30
fedoraproject/fedora 31
radare/radare2 < 3.7.0
Published: Aug 07, 2019
Tracked Since: Feb 18, 2026