Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1898

CWE-78OS Command Injection4 documents4 sources
Severity
7.2HIGH
EPSS
5.9%
top 9.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple Terminal
Timeline
PublishedDec 31
Latest updateApr 30

Description

Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDapple/terminal< 1.3.1

Patches

Patch: lists.apple.comPatch: www.iss.netPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-mw47-2hrx-68vv: Terminal 12022-04-30
CVEList
CVE-2002-1898: Terminal 12005-06-28

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX 10.2 - Terminal.APP Telnet Link Command Execution2002-09-21
CVE-2002-1898 (HIGH CVSS 7.2) | Terminal 1.3 in Apple Mac OS X 10.2 | cvebase.io