CVE-2024-38395
CRITICALiTerm2 3.5.0-3.5.1 - Remote Code Execution via Window Title Reporting
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2024-38395. PoCs published by vin01.
AI-analyzed exploit summary The repository claims to be a PoC for CVE-2024-38396 and CVE-2024-38395 but lacks actual exploit code. It references an external Docker image and a text file without providing technical details or functional exploit code.
Description
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable."
Exploits (1)
github
SUSPICIOUS
19 stars
by vin01 · dockerfilepoc
https://github.com/vin01/poc-cve-2024-38396
The repository claims to be a PoC for CVE-2024-38396 and CVE-2024-38395 but lacks actual exploit code. It references an external Docker image and a text file without providing technical details or functional exploit code.
Classification
Suspicious 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target:
unspecified
No auth needed
Prerequisites:
Docker or access to external Docker image
devstral-2 · analyzed Feb 19, 2026
Full analysis →
References (5)
Core 5
Core References
Release Notes
https://gitlab.com/gnachman/iterm2/-/tags/v3.5.2
Mailing List, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2024/06/17/1
Scores
CVSS v3
9.8
EPSS
0.0150
EPSS Percentile
70.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-94
Status
published
Products (1)
iterm2/iterm2
3.5.0 - 3.5.2
Published
Jun 16, 2024
Tracked Since
Feb 18, 2026