Command Injection Vulnerability in crosh in Google Chrome OS
CVE-2017-15403 · MEDIUM Severity
AV:L/AC:M/AU:N/C:P/I:P/A:P
Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.
Learn more about our Cis Benchmark Audit For Google Chrome.