cvedb.io
CVE-2018-16741
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2018-09-13T16:29:00.280 · Last modified 2026-06-17T01:44:45.110

Summary

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.

Affected products

mgetty_project — mgetty

Does this affect you?

Add your gear to cvedb and we'll alert you only when mgetty_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.