漏洞描述
Ack是一套文本搜索工具,类似于Linux中的grep命令,采用Perl语言编写,能够使用Perl正则表达式搜索文本,并把匹配的行打印出来。 ack 2.00至2.11_02版本中存在代码执行漏洞,该漏洞源于当程序处理包含( 1)--pager,(2)--regex或(3)--output选项的‘.ackrc’文件时存在错误。远程攻击者可利用该漏洞执行任意代码。
Ack 远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- Gladinet CentreStack & TrioFox /storage/t.dn 目录遍历漏洞(CVE-2025-11371)
- backup-files: Compressed Backup File - Detect
- POC CVE-2025-25062: Backdrop CMS - Cross-Site Scripting
- POC CVE-2010-1478: Joomla! Component Jfeedback 1.2 - Local File Inclusion
- POC CVE-2014-3206: Seagate BlackArmor NAS - Command Injection
- POC CVE-2016-1000136: WordPress heat-trackr 1.0 - Cross-Site Scripting
- POC CVE-2017-18500: Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting
- POC CVE-2020-16846: SaltStack <=3002 - Shell Injection
- POC CVE-2020-9547: FasterXML jackson-databind - Deserialization Remote Code Execution
- POC CVE-2020-9548: FasterXML Jackson Databind <=2.9.10.4 - Remote Code Execution
- POC CVE-2021-20038: SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
- POC CVE-2021-24155: WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload
- POC CVE-2021-24991: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting