CNNVD-202602-2065 Information
CNNVD ID
CNNVD-202602-2065
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
emp3r0r是Jimmy Mi个人开发者的一个Linux框架工具。 emp3r0r 3.21.1之前版本存在操作系统命令注入漏洞,该漏洞源于在签入期间接受不受信任的代理元数据并将其插入tmux shell命令字符串,可能导致命令注入和远程代码执行。
Description (English)
Emp3r0r is a Linux framework tool for Jimmy Mi personal developers. emp3rr0r 3.21.1 has an operational system command leak, which results from the acceptance of untrusted proxy metadata during signature and their insertion into the tmux shell command string, which may lead to command injection and remote code execution.
Vulnerability Type
操作系统命令注入
Affected Vendor
个人开发者
Published
2026-02-12
Last Modified
2026-02-24
References
https://github.com/jm33-m0/emp3r0r/commit/0cd64e4a26e7839a9a54bca3d756a665fcb7fda0 https://github.com/jm33-m0/emp3r0r/releases/tag/v3.21.1 https://github.com/jm33-m0/emp3r0r/security/advisories/GHSA-h5p4-4xp4-vjpp
Patch
https://github.com/jm33-m0/emp3r0r/releases
Share on: