Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-17664

NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser > Window > Python" option, Ghidra will try to execute the cmd.exe program from this working directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
Products affected by CVE-2019-17664
  • Nsa » Ghidra » Version: N/A
    cpe:2.3:a:nsa:ghidra:-
  • Nsa » Ghidra » Version: 9.0
    cpe:2.3:a:nsa:ghidra:9.0
  • Nsa » Ghidra » Version: 9.0.1
    cpe:2.3:a:nsa:ghidra:9.0.1
  • Nsa » Ghidra » Version: 9.0.2
    cpe:2.3:a:nsa:ghidra:9.0.2
  • Nsa » Ghidra » Version: 9.0.3
    cpe:2.3:a:nsa:ghidra:9.0.3
  • Nsa » Ghidra » Version: 9.0.4
    cpe:2.3:a:nsa:ghidra:9.0.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved