Vulnerabilities

CVE-2018-18603

by Fred · 23/10/2018

** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. NOTE: the vendor’s position is that this cannot be categorized as a vulnerability, although it is a security-related issue.

Date published : 2018-10-23

https://github.com/sandboxescape/360-3.5.0.1033-Sandbox-Escape-Exploit/

Similar

Tags: Cybersecurity Alert