CVE-2013-6769 : The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.

Published 2014-03-31 14:58:58

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2013-6769

Koushik Dutta » Superuser » Version: 1.0.2.1
cpe:2.3:a:koushik_dutta:superuser:1.0.2.1:*:*:*:*:*:*:*
Matching versions
When used together with: Google » Android

Exploit prediction scoring system (EPSS) score for CVE-2013-6769

EPSS FAQ

0.34%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 54 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-6769

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2013-6769

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-6769

http://www.securityfocus.com/archive/1/529797

SecurityFocus
Exploit

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2013-6769

Products affected by CVE-2013-6769

Exploit prediction scoring system (EPSS) score for CVE-2013-6769

CVSS scores for CVE-2013-6769

CWE ids for CVE-2013-6769

References for CVE-2013-6769