CVE-2017-16544 — HIGH (8.8)

Q: How severe is CVE-2017-16544?

CVE-2017-16544 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-16544?

Check the references section above for vendor advisories and patch information. Affected products include: Busybox Busybox, Debian Debian Linux, Vmware Esxi, Redlion N-Tron 702-W Firmware, Redlion N-Tron 702-W.

Vulnerability Description

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Busybox	Busybox	<= 1.27.2
Debian	Debian Linux	8.0
Vmware	Esxi	6.0
Redlion	N-Tron 702-W Firmware	All versions
Redlion	N-Tron 702-W	-
Redlion	N-Tron 702M12-W Firmware	All versions
Redlion	N-Tron 702M12-W	-
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-94

References

http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.hExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-CompExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2019/Jun/18ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2019/Sep/7ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2020/Aug/20ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2020/Mar/15ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2020/Sep/6ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2021/Aug/21ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2021/Jan/39ExploitMailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2022/Jun/36ExploitMailing ListThird Party Advisory
http://www.vmware.com/security/advisories/VMSA-2019-0013.htmlThird Party Advisory
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c1PatchVendor Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00037.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/02/msg00020.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2017-16544?

CVE-2017-16544 is a vulnerability with a CVSS score of 8.8 (HIGH). In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and resu...

How severe is CVE-2017-16544?

CVE-2017-16544 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-16544?

Check the references section above for vendor advisories and patch information. Affected products include: Busybox Busybox, Debian Debian Linux, Vmware Esxi, Redlion N-Tron 702-W Firmware, Redlion N-Tron 702-W.