Skip to main content
CVE-2014-7169 CRITICAL POC KEV PATCH THREAT Act Now

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Command Injection Apache SSH
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
90.1%
Threat
7.7

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy