cvedb.io
CVE-2022-46387
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2023-03-28T20:15:10.940 · Last modified 2026-06-17T05:11:40.173

Summary

ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.

Affected products

cmder — cmder

Does this affect you?

Add your gear to cvedb and we'll alert you only when cmder ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.