WebSVN search command execution

Added: 06/23/2021

Background

WebSVN is a web interface for Subversion repositories.

Problem

A command injection vulnerability allows remote unauthenticated attackers to execute arbitrary commands by sending a specially crafted search request.

Resolution

Upgrade to WebSVN 2.6.1 or higher.

References

https://www.cvedetails.com/cve/CVE-2021-32305/

Platforms

Linux

Back to exploit index