SecureCRT telnet URI Arbitrary Configuration Folder Remote Command Execution
High Nessus Plugin ID 15820
SynopsisArbitrary commands may be run through the remote service.
DescriptionThe remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems.
It has been reported that SecureCRT does not safely check the protocol handler. As a result, an attacker may be able to exploit it by setting up a malicious SMB share.
SolutionUpgrade to SecureCRT 4.1.9 or newer.