PowerShell Single Quote Code Execution / Event Log Bypass
Vendor: Windows PowerShell
By: John Page (aka hyp3rlinx)
CVSS: 6.1 HIGH
CWE: 78
Product Name: Windows PowerShell
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: NO
Related CWE:
CPE: o:microsoft:windows
Metasploit:
Other Scripts:
Platforms Tested: Windows
Not specified

Microsoft Windows PowerShell Single Quote Code Execution and Event Log Bypass Vulnerability

A vulnerability in Microsoft Windows PowerShell allows code execution by bypassing single quote restrictions. A specially crafted filename that combines semicolon and ampersand characters can trigger arbitrary code execution and evade PowerShell event logging. This can lead to unauthorized file execution and potential security breaches.

Mitigation:

To mitigate this vulnerability, sanitize user input and avoid processing filenames that contain special characters. Restricting access to PowerShell and enforcing strict file execution policies can also help prevent exploitation.
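
One way to apply the filename recommendation above, as an added example that is not part of the original advisory: it flags names containing the semicolon or ampersand characters the description mentions before any script handles them. The function name `Find-RiskyFileName`, its parameters and the sample names are hypothetical.

```powershell
# Added example: flag filenames that contain the characters the advisory
# names (semicolon and ampersand) before any script processes them.
# Function name, parameter names and sample names are hypothetical.

function Find-RiskyFileName {
    [CmdletBinding()]
    param(
        # Names to check; accepts strings or file objects from Get-ChildItem.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$InputObject,

        # Characters treated as risky; default is the pair the advisory describes.
        [char[]]$RiskyChars = @(';', '&')
    )
    process {
        foreach ($item in $InputObject) {
            # Use only the leaf name so directory separators do not matter.
            $name = if ($item -is [System.IO.FileSystemInfo]) { $item.Name } else { [string]$item }

            # String.IndexOf(char) is a plain character search: no regex, no
            # wildcard, and the name is never expanded or evaluated as code.
            $hits = @($RiskyChars | Where-Object { $name.IndexOf($_) -ge 0 })

            [pscustomobject]@{
                Name       = $name
                Risky      = ($hits.Count -gt 0)
                Characters = (-join $hits)
            }
        }
    }
}

# Constructed sample names (not taken from the advisory).
$samples = @(
    'report.ps1',
    'notes;draft.txt',
    'a&b.ps1',
    'plain file name.log'
)

$samples | Find-RiskyFileName | Format-Table -AutoSize

# Auditing a directory: -LiteralPath keeps the path from being treated as a
# wildcard pattern. 'C:\Drop' is a placeholder path.
# Get-ChildItem -LiteralPath 'C:\Drop' -File -Recurse |
#     Find-RiskyFileName | Where-Object Risky
```

Files reported as risky can be quarantined or renamed before they reach scripts that build command strings from file names.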

Exploit-DB raw data: