CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39150
https://notcve.org/view.php?id=CVE-2023-39150
12 Sep 2023 — ConEmu before commit 230724 does not sanitize title responses correctly for control characters, potentially leading to arbitrary code execution. This is related to an incomplete fix for CVE-2022-46387. ConEmu antes del commit 230724 no sanitiza correctamente las respuestas de título para los caracteres de control, lo que podría provocar la ejecución de código arbitrario. Esto está relacionado con una solución incompleta para CVE-2022-46387. • https://gist.github.com/dgl/081cf503dc635df39d844e058a6d4c88 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46387
https://notcve.org/view.php?id=CVE-2022-46387
28 Mar 2023 — ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands. • https://gist.github.com/dgl/05ca60cdc7efc9e47bbc58d0c952635e • CWE-116: Improper Encoding or Escaping of Output •