AVG-588

Package transmission-cli
Status Fixed
Severity High
Type arbitrary command execution
Affected 2.92-7
Fixed 2.92-8
Current 2.94-1 [extra]
Ticket FS#57086
Created Wed Jan 17 12:26:32 2018
Issue Severity Remote Type Description
CVE-2018-5702 High Yes Arbitrary command execution
The transmission-daemon in Transmission before 2.93 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control,...
Date Advisory Package Description
17 Jan 2018 ASA-201801-13 transmission-cli arbitrary command execution