mirror of
https://github.com/0x5t4l1n/CVE.git
synced 2026-05-26 19:26:32 +00:00
Stalin
34 lines
970 B
Markdown
34 lines
970 B
Markdown
|
|
|
|
# CVE-2026-48097 — PATH Injection Leading to Arbitrary Command Execution in NexTOR IP Changer
|
|
|
|
**Severity:** High
|
|
**CWE:** CWE-78, CWE-476
|
|
|
|
## Summary
|
|
|
|
A command execution vulnerability exists in NexTOR IP Changer due to unsafe use of `shell=True` with commands that rely on executable resolution through the `PATH` environment variable. An attacker controlling the execution environment can place malicious executables such as `sudo` earlier in the `PATH`, resulting in execution of attacker-controlled code.
|
|
|
|
## Impact
|
|
|
|
* Arbitrary command execution
|
|
* Execution of attacker-controlled binaries
|
|
* Potential privilege escalation
|
|
* Full compromise of local system integrity and availability
|
|
|
|
## Affected
|
|
|
|
1.0.0-1
|
|
|
|
## Fixed
|
|
|
|
v2.0.0
|
|
|
|
## References
|
|
|
|
* https://github.com/advisories/GHSA-vx6r-vwjq-567w
|
|
* https://github.com/0x5t4l1n/NexTOR_IP_CHANGER/releases/tag/v2.0.0
|
|
|
|
## Credits
|
|
Remediation Developer: 0x5t4l1n
|