Lucene search
PRIOn knowledge basePRION:CVE-2019-13640HistoryJul 17, 2019 - 10:15 p.m.
Command injection
2019-07-1722:15:00
PRIOn knowledge base
www.prio-n.com
3
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| qbittorrent | lt | 4.1.7 |
References
lists.opensuse.org/opensuse-security-announce/2019-08/msg00080.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00085.html
github.com/qbittorrent/qBittorrent/issues/10925
lists.fedoraproject.org/archives/list/[email protected]/message/5T4XAX2VUI4WMAS5AI4OE3OEQSQCDCF5/
lists.fedoraproject.org/archives/list/[email protected]/message/OH3WYCKODG4OKMC4S6PWHLHAWWU6ORNC/
www.debian.org/security/2020/dsa-4650
Related
debian
debian
[SECURITY] [DSA 4650-1] qbittorrent security update
2020-04-02 20:49:51
[SECURITY] [DSA 4650-1] qbittorrent security update
2020-04-02 20:49:51
nessus
nessus
Debian DSA-4650-1 : qbittorrent - security update
2020-04-03 00:00:00
openSUSE Security Update : qbittorrent (openSUSE-2019-2005)
2019-08-26 00:00:00
Fedora 30 : 1:qbittorrent (2019-2cb551904b)
2019-09-19 00:00:00
cvelist
cvelist
CVE-2019-13640
2019-07-17 21:07:47
suse
suse
Security update for qbittorrent (moderate)
2019-08-24 00:00:00
Security update for qbittorrent (moderate)
2019-08-30 00:00:00
ubuntucve
ubuntucve
CVE-2019-13640
2019-07-17 00:00:00
alpinelinux
alpinelinux
CVE-2019-13640
2019-07-17 22:15:10
fedora
fedora
[SECURITY] Fedora 29 Update: qbittorrent-4.1.7-1.fc29
2019-09-19 01:54:00
[SECURITY] Fedora 30 Update: qbittorrent-4.1.7-1.fc30
2019-09-19 01:32:14
osv
osv
qbittorrent - security update
2020-04-02 00:00:00
CVE-2019-13640
2019-07-17 22:15:10
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0379)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4650-1)
2020-04-03 00:00:00
Fedora Update for qbittorrent FEDORA-2019-ce6c6de3cc
2019-09-19 00:00:00
debiancve
debiancve
CVE-2019-13640
2019-07-17 22:15:10
cve
cve
CVE-2019-13640
2019-07-17 22:15:10
mageia
mageia
Updated qbittorrent packages fix security vulnerability
2019-12-13 21:25:24
nvd
nvd
CVE-2019-13640
2019-07-17 22:15:10