Description
ws-scrcpy is vulnerable to External Control of File Name or Path
References (2)
Core 2
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/dc7fc98f-4f4f-440a-b6f6-124a56ea36ef
Patch, Third Party Advisory x_refsource_misc
https://github.com/netristv/ws-scrcpy/commit/e83cf65438bef83a3503b25358bba97bcc156fef
Scores
CVSS v3
7.5
EPSS
0.0123
EPSS Percentile
64.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-610
CWE-73
Status
published
Products (1)
ws_scrcpy_project/ws_scrcpy
< 0.7.1
Published
Jan 04, 2022
Tracked Since
Feb 18, 2026