CVE-2020-15778
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://www.openssh.com/security.html
- https://github.com/cpandya2909/CVE-2020-15778/
- https://security.netapp.com/advisory/ntap-20200731-0007/
- https://news.ycombinator.com/item?id=25005567
- https://security.gentoo.org/glsa/202212-06
- https://access.redhat.com/errata/RHSA-2024:3166
References
- https://www.openssh.com/security.html
- https://github.com/cpandya2909/CVE-2020-15778/
- https://security.netapp.com/advisory/ntap-20200731-0007/
- https://news.ycombinator.com/item?id=25005567
- https://security.gentoo.org/glsa/202212-06
- https://access.redhat.com/errata/RHSA-2024:3166
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.