Denial of Service Vulnerability in Busybox's ash Applet

Denial of Service Vulnerability in Busybox's ash Applet

CVE-2021-42375 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.

Learn more about our Web Application Penetration Testing UK.