CVE-2013-6881

N/A Unknown

Published: January 07, 2014 Modified: April 29, 2026

Description

CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html

Source: cve@mitre.org

Exploit

http://seclists.org/fulldisclosure/2013/Dec/80

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/55989

Source: cve@mitre.org

Vendor Advisory

http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/

Source: cve@mitre.org

Vendor Advisory

http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/

Source: cve@mitre.org

Vendor Advisory

http://www.exploit-db.com/exploits/30396

Source: cve@mitre.org

Exploit

http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html