CVE-2004-1628 β€” Use of Externally-Controlled Format String in Rssh

CWE-134 β€” Use of Externally-Controlled Format String2 documents2 sources
Severity
9.0CRITICALNVD
EPSS
2.6%
top 14.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Pizzashack Rssh
Timeline
PublishedOct 23
Latest updateApr 29

Description

Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

β–ΆNVDpizzashack/rssh< 2.2.2

πŸ”΄Vulnerability Details

1
GHSA
GHSA-cf67-7j7r-89q3: Format string vulnerability in log↗2022-04-29
β–Ά
CVE-2004-1628 β€” Pizzashack Rssh vulnerability | cvebase