CVE-2019-1000018 : rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Element

rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission.

Published 2019-02-04 21:29:01

Updated 2025-03-19 20:15:16

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2019-1000018

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.10
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 31
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 29
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 30
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Matching versions
Pizzashack » Rssh » Version: 2.3.4
cpe:2.3:a:pizzashack:rssh:2.3.4:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-1000018

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 40 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-1000018

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-1000018

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-1000018

http://seclists.org/fulldisclosure/2021/May/78

Full Disclosure: KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account
Mailing List;Not Applicable;Third Party Advisory

CVEs referencing this url
https://www.debian.org/security/2019/dsa-4377

Debian -- Security Information -- DSA-4377-1 rssh
Third Party Advisory
https://esnet-security.github.io/vulnerabilities/20190115_rssh

Command Execution Vulnerability in rssh with allowscp (CVE-2019-1000018) | esnet-security.github.io
Exploit;Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/01/msg00027.html

[SECURITY] [DLA 1650-1] rssh security update
Mailing List;Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T42YYNWJZG422GATWAHAEK4A24OKY557/

[SECURITY] Fedora 30 Update: rssh-2.3.4-15.fc30 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3MDU3AH5SLYBKHH5PJ6PHC63ASIF42/

[SECURITY] Fedora 31 Update: rssh-2.3.4-15.fc31 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
https://usn.ubuntu.com/3946-1/

USN-3946-1: rssh vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://security.gentoo.org/glsa/202007-29

rssh: Multiple vulnerabilities (GLSA 202007-29) — Gentoo security
Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KR2OHTHMJVV4DO3HDRFQQZ5JENHDJQEN/

[SECURITY] Fedora 29 Update: rssh-2.3.4-15.fc29 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KR2OHTHMJVV4DO3HDRFQQZ5JENHDJQEN/

[SECURITY] Fedora 29 Update: rssh-2.3.4-15.fc29 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HO3MDU3AH5SLYBKHH5PJ6PHC63ASIF42/

[SECURITY] Fedora 31 Update: rssh-2.3.4-15.fc31 - package-announce - Fedora Mailing-Lists
https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2021-33216%2CCVE-2019-1000018/CommScope%20Ruckus%20IoT%20Controller%201.7.1.0%20Undocumented%20Account.txt
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T42YYNWJZG422GATWAHAEK4A24OKY557/

[SECURITY] Fedora 30 Update: rssh-2.3.4-15.fc30 - package-announce - Fedora Mailing-Lists

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2019-1000018

Products affected by CVE-2019-1000018

Exploit prediction scoring system (EPSS) score for CVE-2019-1000018

CVSS scores for CVE-2019-1000018

CWE ids for CVE-2019-1000018

References for CVE-2019-1000018