Skip to main content

Netkit

3 CVEs product

Monthly

CVE-2023-38336 CRITICAL POC Act Now

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Netkit
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-7283 HIGH POC This Week

An issue was discovered in rcp in NetKit through 0.17. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Netkit Debian Linux
NVD
CVSS 3.1
7.4
EPSS
2.0%
CVE-2019-7282 MEDIUM POC This Month

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Netkit Debian Linux Fedora
NVD
CVSS 3.1
5.9
EPSS
2.1%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Netkit
NVD
EPSS 2% CVSS 7.4
HIGH POC This Week

An issue was discovered in rcp in NetKit through 0.17. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Netkit Debian Linux
NVD
EPSS 2% CVSS 5.9
MEDIUM POC This Month

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Netkit Debian Linux +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy