CVE-2008-6235 — OS Command Injection in VIM

CWE-78 — OS Command Injection7 documents6 sources

Severity

9.3CRITICALNVD

EPSS

2.6%

top 14.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM

Timeline

PublishedFeb 21

Latest updateMay 17

Description

The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/vim< vim 2:7.2.148-1 (bookworm)

▶Debianvim/vim< 2:7.2.148-1+3

▶NVDvim/vim7.0, 7.1+1

Patches

Patch: www.rdancer.org ↗Patch: www.rdancer.org ↗Patch: www.rdancer.org ↗

🔴Vulnerability Details

GHSA

GHSA-f7gm-2q6r-xxwv: The Netrw plugin (netrw↗2022-05-17

▶

OSV

CVE-2008-6235: The Netrw plugin (netrw↗2009-02-21

▶

📋Vendor Advisories

Red Hat

plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution↗2008-07-15

▶

Red Hat

plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution↗2008-07-15

▶

Debian

CVE-2008-6235: vim - The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers t...↗2008

▶

💬Community

Bugzilla

CVE-2008-6235 Vim netrw.vim plugin: lack of sanitization throughout netrw.vim can lead to arbitrary code execution↗2008-10-17

▶