---

CVE-2025-49091 - log back

CVE-2025-49091 edited at 11 Jun 2025 03:16:10
References	https://kde.org/info/security/advisory-20250609-1.txt https://proofnet.de/publikationen/konsole_rce.html https://nvd.nist.gov/vuln/detail/CVE-2025-49091 https://www.openwall.com/lists/oss-security/2025/06/10/5 + https://invent.kde.org/utilities/konsole/-/commit/09d20dea109050b4c02fb73095f327b5642a2b75

CVE-2025-49091 edited at 11 Jun 2025 03:13:57
References	https://kde.org/info/security/advisory-20250609-1.txt https://proofnet.de/publikationen/konsole_rce.html https://nvd.nist.gov/vuln/detail/CVE-2025-49091 + https://www.openwall.com/lists/oss-security/2025/06/10/5

CVE-2025-49091 edited at 11 Jun 2025 03:13:17
Severity	- Unknown + High

CVE-2025-49091 edited at 11 Jun 2025 03:12:58
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
References	https://kde.org/info/security/advisory-20250609-1.txt https://proofnet.de/publikationen/konsole_rce.html + https://nvd.nist.gov/vuln/detail/CVE-2025-49091

CVE-2025-49091 edited at 11 Jun 2025 03:12:19

Description

+ Konsole supports loading URLs from the scheme handlers such as telnet://URL. This can be executed regardless of whether the telnet binary is available. - Konsole supports loading URLs from the scheme handlers such as - telnet://URL. This can be executed regardless of whether the telnet - binary is available. + In this mode konsole had a path where if telnet was not available it would fall back to using bash for the given arguments provided; which is the URL provided. This allows an attacker to execute arbitrary code. - In this mode konsole had a path where if telnet was not available it - would fall back to using bash for the given arguments provided; which - is the URL provided. This allows an attacker to execute arbitrary - code. + Browsers typically provide a prompt when a user opens an external scheme handler which would look suspicious, requiring user interaction - Browsers typically provide a prompt when a user opens an external - scheme handler which would look suspicious, requiring user interaction to be exploitable.

CVE-2025-49091 edited at 11 Jun 2025 03:05:33

Description

+ Konsole supports loading URLs from the scheme handlers such as + telnet://URL. This can be executed regardless of whether the telnet + binary is available. + + In this mode konsole had a path where if telnet was not available it + would fall back to using bash for the given arguments provided; which + is the URL provided. This allows an attacker to execute arbitrary + code. + + Browsers typically provide a prompt when a user opens an external + scheme handler which would look suspicious, requiring user interaction + to be exploitable.

CVE-2025-49091 edited at 11 Jun 2025 03:04:47
References	+ https://kde.org/info/security/advisory-20250609-1.txt + https://proofnet.de/publikationen/konsole_rce.html

CVE-2025-49091 created at 11 Jun 2025 03:04:27
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes