CVE-2021-38173 – Gentoo Linux Security Advisory 202402-32

https://notcve.org/view.php?id=CVE-2021-38173

07 Aug 2021 — Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. Btrbk versiones anteriores a 0.31.2, permite una ejecución de comandos debido a un manejo inapropiado de los hosts remotos que filtran los comandos SSH usando el archivo ssh_filter_btrbk.sh en la función authorized_keys A vulnerability has been discovered in btrbk which can lead to remote code execution. Versions greater than or equal to 0.31.2 are affe... • https://github.com/digint/btrbk/blob/master/ChangeLog • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •