Security Advisory

CVE-2018-18748

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-28 03:00:00

Last updated 2024-11-14 20:26:24

Assigner mitre

State PUBLISHED

Description

Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file. NOTE: the vendor disputes this issue because the observed behavior is consistent with the products intended functionality

← Browse all CVEs View on cve.org ↗