An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMintty Project Mintty
APPMintty Project≤ 3.6.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2022-47583CRITICAL9.8ten sam produkt
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal...
CVE-2025-1052HIGH8.8ten sam produkt
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability ...
CVE-2021-31701HIGH7.5ten sam produkt
Mintty before 3.4.7 mishandles Bracketed Paste Mode.
CVE-2021-28848HIGH7.5ten sam produkt
Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintt...