CVE-2026-43943 (CVSS base score 7.8)
- EPSS 0.17%
- Published 08.05.2026 02:55:51
- Last modified 08.05.2026 19:16:45
- Source security-advisories@github.com
electerm: RCE via malicious SSH server filename in openFileWithEditor
electerm is an open-source terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.9, a code execution (RCE) vulnerability exists in electerm's SFTP "open with system editor" and "Edit with custom editor" features. When a user opts to edit a file with the system editor or a custom editor, the filename is passed directly into a command line without sanitization. A malicious actor controlling the SSH server or the user's OS can exploit this by crafting a filename containing shell metacharacters. If the victim subsequently attempts to edit this file, the injected commands are executed on their machine with the user's privileges. This could allow the attacker to run arbitrary code, install malware, or move laterally within the network. This issue has been patched in version 3.7.9.
Data provided by the National Vulnerability Database (NVD)
Affected: Electerm Project ≫ Electerm, version < 3.7.9
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.062 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
https://github.com/electerm/electerm/security/advisories/GHSA-q4p8-8j9m-8hxj
https://github.com/electerm/electerm/commit/24ce7103e264cffe6eb5476c0506a2379e6f8333
https://github.com/electerm/electerm/releases/tag/v3.7.9