PT-2022-18781 · Vandyke · Vshell For Windows
Published
2022-05-02
·
Updated
2023-08-08
·
CVE-2022-28054
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VanDyke Software VShell for Windows version 4.6.2
Description
The issue is related to improper sanitization of trigger action scripts, allowing attackers to execute arbitrary code via a crafted value.
Recommendations
For VanDyke Software VShell for Windows version 4.6.2, update to a version that addresses the improper sanitization of trigger action scripts to prevent the execution of arbitrary code.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vshell For Windows