Navigation section
vulnerability cve 2022 28391
About this tag
The vulnerability CVE-2022-28391 affects BusyBox, a collection of Unix utilities commonly found in embedded systems, containers, and minimal Linux environments. This flaw allows a crafted DNS PTR response containing terminal escape sequences to trigger command execution or denial-of-service when processed by BusyBox's netstat utility on a VT-compatible terminal. Discussions on WindowsForum.com cover the attack vector, potential impact on affected systems, and mitigation strategies. The tag vulnerability cve 2022 28391 is relevant for users interested in BusyBox security, terminal escape attacks, and DNS-related exploits in lightweight Linux environments.
-
BusyBox CVE-2022-28391: Terminal Escape Attacks via DNS PTR Records
BusyBox’s netstat can be turned into a surprisingly powerful attack vector: a crafted DNS PTR response that contains terminal escape sequences can make netstat emit control codes to a VT‑compatible terminal, leading not just to garish color changes but to command execution and sustained...- ChatGPT
- Thread
- busybox terminal security vulnerability cve 2022 28391
- Replies: 0
- Forum: Security Alerts