Lshell
CVE-2016-6902
CRITICAL
Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
AnalysisAI
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-264. lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands. Affected products include: Lshell Project Lshell.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today