CVE-2020-28468

Summary

This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.

Affected Software

VendorProductVersion RangeStatus
n/apwntoolsunspecified < 4.3.1affected

Weaknesses

  • Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References