CVE-2021-3331

WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*

Information

Published : 2021-01-27 13:15

Updated : 2021-02-04 07:59


NVD link : CVE-2021-3331

Mitre link : CVE-2021-3331


JSON object : View

Advertisement

dedicated server usa

Products Affected

winscp

  • winscp