Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2017-16544

Published: 20/11/2017 Updated: 28/10/2022
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 580
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

busybox busybox

debian debian linux 8.0

debian debian linux 9.0

vmware esxi 6.0

vmware esxi 6.5

vmware esxi 6.7

redlion n-tron 702-w firmware

redlion n-tron 702m12-w firmware

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

Vendor Advisories

Ubuntu Security Notice: busybox vulnerabilities
Several security issues were fixed in BusyBox ...
Debian CVElist Bug Report Logs: CVE-2017-15874 / CVE-2017-15873
Debian Bug report logs - #879732 CVE-2017-15874 / CVE-2017-15873 Package: busybox; Maintainer for busybox is Debian Install System Team <debian-boot@listsdebianorg>; Source for busybox is src:busybox (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 25 Oct 2017 07:12:02 UTC Severity ...
Debian CVElist Bug Report Logs: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters
Debian Bug report logs - #882258 busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters Package: src:busybox; Maintainer for src:busybox is Debian Install System Team <debian-boot@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 20 Nov 2017 1 ...
Red Hat: CVE-2017-16544
It was found that the tab auto-completion feature of BusyBox did not sanitize filenames, leading to execution of arbitrary escape sequences in the terminal emulator Exploitation of this flaw by an attacker could potentially result in code execution, arbitrary file writes, or other attacks under highly specific circumstances dependent on the usage ...
Arch Linux Issues:
In the add_match function in libbb/lineeditc in BusyBox through 1272, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal This could potentially result in code execution, arbitrary file writes, or other attacks ...

Exploits

Exploit DB: Phoenix Contact TC Router / TC Cloud Client Command Injection
Phoenix Contact TC Router and TC Cloud Client versions 2053 and below, 20317 and below, and 10317 and below suffer from authenticated command injection and various other vulnerabilities ...
Exploit DB: ZTE Mobile Hotspot MS910S Backdoor / Hardcoded Password
ZTE Mobile Hotspot MS910S version DL_MF910S_CN_EUV10001 suffers from having a hard-coded administrative password, busybox vulnerabilities, and having a known backdoor in the GoAhead webserver ...
Exploit DB: Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials
Multiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron Xtorm HX3040 Series suffer from command injection, cross site request forgery, and hardcoded credential vulnerabilities ...
Exploit DB: Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell
Red Lion N-Tron 702-W and 702M12-W versions 2026 and below suffer from cross site request forgery, hidden shell interface, cross site scripting and busybox vulnerabilities ...
Exploit DB: Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
Pepperl+Fuchs IO-Link Master Series with system version 136 and application version 1528 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities ...
Exploit DB: Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components ...
Exploit DB: WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials
The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector ...
Exploit DB: Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities ...

Mailing Lists

Full Disclosure: SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
SEC Consult Vulnerability Lab Security Advisory < 20190612-0 > ======================================================================= title: Multiple vulnerabilities product: WAGO 852 Industrial Managed Switch Series vulnerable version: 852-303: <v122S0 852-1305: <v116S0 ...
Full Disclosure: SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series
SEC Consult Vulnerability Lab Security Advisory < 20210819-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: Multiple Altus Sistemas de Automacao products: Nexto NX30xx Series Nexto NX5xxx Series ...
Full Disclosure: SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client
SEC Consult Vulnerability Lab Security Advisory < 20200312-0 > ======================================================================= title: Authenticated Command Injection product: Phoenix Contact TC Router & TC Cloud Client vulnerable version: <=2053 & <=20317 & <=10317 fixed vers ...
Full Disclosure: SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
SEC Consult Vulnerability Lab Security Advisory < 20190904-0 > ======================================================================= title: Multiple vulnerabilities product: Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, ...
Full Disclosure: SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client
SEC Consult Vulnerability Lab Security Advisory < 20200312-0 > ======================================================================= title: Authenticated Command Injection product: Phoenix Contact TC Router & TC Cloud Client vulnerable version: <=2053 & <=20317 & <=10317 fixed vers ...
Full Disclosure: SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S
SEC Consult Vulnerability Lab Security Advisory < 20200827-0 > ======================================================================= title: Multiple Vulnerabilities product: ZTE mobile Hotspot MS910S vulnerable version: DL_MF910S_CN_EUV10001 fixed version: - CVE number: CVE-2019-3422 ...
Full Disclosure: SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series
SEC Consult Vulnerability Lab Security Advisory < 20210113-0 > ======================================================================= title: Multiple vulnerabilities product: Pepperl+Fuchs IO-Link Master Series See "Vulnerable / tested versions" vulnerable version: System 136 / Application 15 ...
Full Disclosure: SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W
SEC Consult Vulnerability Lab Security Advisory < 20200902-0 > ======================================================================= title: Multiple Vulnerabilities product: Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W vulnerable version: <=2026 fixed version: CVE number: CVE-2020-16210, CVE ...

References

CWE-94https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8https://lists.debian.org/debian-lts-announce/2018/07/msg00037.htmlhttps://usn.ubuntu.com/3935-1/http://seclists.org/fulldisclosure/2019/Jun/18https://seclists.org/bugtraq/2019/Jun/14http://seclists.org/fulldisclosure/2019/Sep/7https://seclists.org/bugtraq/2019/Sep/7http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.htmlhttp://www.vmware.com/security/advisories/VMSA-2019-0013.htmlhttp://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.htmlhttp://seclists.org/fulldisclosure/2020/Mar/15http://seclists.org/fulldisclosure/2020/Aug/20https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01http://seclists.org/fulldisclosure/2020/Sep/6http://seclists.org/fulldisclosure/2021/Jan/39https://lists.debian.org/debian-lts-announce/2021/02/msg00020.htmlhttp://seclists.org/fulldisclosure/2021/Aug/21http://seclists.org/fulldisclosure/2022/Jun/36http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3935-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316firmwareCVE-2024-30078CVE-2024-5995remote code executionlogic flawCVE-2024-20693CVE-2024-37315CVE-2024-5464
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook