Description
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-7682 | OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product. |
Github GHSA |
GHSA-m8r5-7wf4-63mw | Nadesiko3 OS Command Injection vulnerability |
References
History
Thu, 24 Apr 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: jpcert
Published:
Updated: 2025-04-24T14:32:55.446Z
Reserved: 2022-10-17T00:00:00.000Z
Link: CVE-2022-41642
Updated: 2024-08-03T12:49:43.377Z
Status : Modified
Published: 2022-12-05T04:15:09.857
Modified: 2026-06-17T05:03:33.213
Link: CVE-2022-41642
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EUVD
Github GHSA