Command Injection Vulnerability in crosh in Google Chrome OS

Command Injection Vulnerability in crosh in Google Chrome OS

CVE-2017-15403 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.

Learn more about our Cis Benchmark Audit For Google Chrome.