CVE-2015-9059

Published: 28 May 2017

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
picocom
Launchpad, Ubuntu, Debian
Upstream
Released (1.7-2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.7-2build0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.7-2build0.14.04.1])