Arbitrary Command Execution Vulnerability in DHCPv6 Client

Arbitrary Command Execution Vulnerability in DHCPv6 Client

CVE-2011-2717 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.

Learn more about our Cis Benchmark Audit For Server Software.