Vulnerability Details CVE-2022-27966
Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.9
References
- https://github.com/ycdxsb/Vuln/blob/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xshell-CreateProcessW-Misuse-Binary-Hijack
- https://www.netsarang.com/en/xshell-update-history/
- https://github.com/ycdxsb/Vuln/blob/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xshell-CreateProcessW-Misuse-Binary-Hijack
- https://www.netsarang.com/en/xshell-update-history/