The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000.
References
Link | Resource |
---|---|
http://www.zerodayinitiative.com/advisories/ZDI-14-418/ |
Configurations
Information
Published : 2014-12-12 07:59
Updated : 2014-12-15 19:30
NVD link : CVE-2014-8515
Mitre link : CVE-2014-8515
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
bittorrent
- bittorrent