Remote Code Execution Vulnerability in rxvt-unicode, rxvt, mrxvt, and Eterm

Remote Code Execution Vulnerability in rxvt-unicode, rxvt, mrxvt, and Eterm

CVE-2021-33477 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

Learn more about our Web Application Penetration Testing UK.