📦

vshell

Vendor: van_dyke_technologies

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.88% Exploit Prob.

Latest CVE CVE-2022-28054 May 02

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2022-28054

RCE

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value.

EPSS: 1.61%

Severity: CRITICAL

May 02, 2022

7.8 CVSS

CVE-2007-6031

Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

EPSS: 0.67%

Severity: HIGH

Nov 20, 2007

7.5 CVSS

CVE-2001-0155

RCE

Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers.

EPSS: 1.13%

Severity: HIGH

Jun 02, 2001

2.1 CVSS

CVE-2001-0156

VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.

EPSS: 0.10%

Severity: LOW

Jun 02, 2001

Displaying 4 of 3 Total Entries

Total 1 Sections