Terminal Title Command Injection Vulnerability

Terminal Title Command Injection Vulnerability

CVE-2022-46387 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.

Learn more about our Web Application Penetration Testing UK.