VDB
CVE-2020-15121
CVE-2020-15121
PUBLISHED
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
EPSS 0.84% · 75.1th percentile
Risk Scores
EPSS Score
0.84%
75.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:18.04:LTS | radare2 | 2.0.0+dfsg-1, 0, * |
| Ubuntu:16.04:LTS | radare2 | 0.9.6-3.1ubuntu1, 0 |
| Ubuntu:25.10 | radare2 | 5.9.8+dfsg-2ubuntu0.25.10.2, 5.9.8+dfsg-2ubuntu0.25.10.1, 5.9.8+dfsg-2 |
| Ubuntu:Pro:24.04:LTS | radare2 | 5.5.0+dfsg-1.1ubuntu2, 5.5.0+dfsg-1ubuntu1, 5.5.0+dfsg-1.1ubuntu3 |
| Ubuntu:Pro:20.04:LTS | radare2 | *, 4.2.1+dfsg-2ubuntu0.1~esm1, 4.2.1+dfsg-1 |
Timeline
- Jul 20, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-15121 third-party-advisory
- https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358 third-party-advisory
- https://github.com/radareorg/radare2/issues/16945 third-party-advisory
- https://github.com/radareorg/radare2/pull/16966 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-15121 third-party-advisory