> batbadbut_incsharp.exe
Hello!
I am going to run following command. Guess what will happen ;-)
cmd /C echo "\"&calc.exe"
See? The calc.exe was started on your computer
Bye!
Press any key to stop this console program ...
"\"
- flatt SECURITY | BatBadBut: You can't securely execute commands on Windows
- Software Engineering Institute | Multiple programming languages fail to escape arguments properly in Microsoft Windows
- CVE IDs:
- CVE-2024-1874
- CVE-2024-22423
- CVE-2024-24576
- CVE-2024-3566