CVE-2017-16544

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2017-16544
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2017-11-20 15:29:00 UTC
Updated2022-10-28 19:29:00 UTC
DescriptionIn the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

Risk And Classification

Problem Types: CWE-94

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Busybox Busybox All All All All
Operating System Canonical Ubuntu Linux 14.04 All All All
Operating System Canonical Ubuntu Linux 16.04 All All All
Operating System Canonical Ubuntu Linux 14.04 All All All
Operating System Canonical Ubuntu Linux 16.04 All All All
Operating System Debian Debian Linux 8.0 All All All
Operating System Debian Debian Linux 9.0 All All All
Operating System Debian Debian Linux 8.0 All All All
Operating System Debian Debian Linux 9.0 All All All
Hardware Redlion N-tron 702-w - All All All
Hardware Redlion N-tron 702-w - All All All
Operating System Redlion N-tron 702-w Firmware All All All All
Operating System Redlion N-tron 702-w Firmware All All All All
Hardware Redlion N-tron 702m12-w - All All All
Hardware Redlion N-tron 702m12-w - All All All
Operating System Redlion N-tron 702m12-w Firmware All All All All
Operating System Redlion N-tron 702m12-w Firmware All All All All
Operating System Vmware Esxi 6.0 All All All
Operating System Vmware Esxi 6.0 - All All
Operating System Vmware Esxi 6.0 1 All All
Operating System Vmware Esxi 6.0 1a All All
Operating System Vmware Esxi 6.0 1b All All
Operating System Vmware Esxi 6.0 2 All All
Operating System Vmware Esxi 6.0 3 All All
Operating System Vmware Esxi 6.0 3a All All
Operating System Vmware Esxi 6.0 600-201504401 All All
Operating System Vmware Esxi 6.0 600-201505401 All All
Operating System Vmware Esxi 6.0 600-201507101 All All
Operating System Vmware Esxi 6.0 600-201507102 All All
Operating System Vmware Esxi 6.0 600-201507401 All All
Operating System Vmware Esxi 6.0 600-201507402 All All
Operating System Vmware Esxi 6.0 600-201507403 All All
Operating System Vmware Esxi 6.0 600-201507404 All All
Operating System Vmware Esxi 6.0 600-201507405 All All
Operating System Vmware Esxi 6.0 600-201507406 All All
Operating System Vmware Esxi 6.0 600-201507407 All All
Operating System Vmware Esxi 6.0 600-201509101 All All
Operating System Vmware Esxi 6.0 600-201509102 All All
Operating System Vmware Esxi 6.0 600-201509201 All All
Operating System Vmware Esxi 6.0 600-201509202 All All
Operating System Vmware Esxi 6.0 600-201509203 All All
Operating System Vmware Esxi 6.0 600-201509204 All All
Operating System Vmware Esxi 6.0 600-201509205 All All
Operating System Vmware Esxi 6.0 600-201509206 All All
Operating System Vmware Esxi 6.0 600-201509207 All All
Operating System Vmware Esxi 6.0 600-201509208 All All
Operating System Vmware Esxi 6.0 600-201509209 All All
Operating System Vmware Esxi 6.0 600-201509210 All All
Operating System Vmware Esxi 6.0 600-201510401 All All
Operating System Vmware Esxi 6.0 600-201511401 All All
Operating System Vmware Esxi 6.0 600-201601101 All All
Operating System Vmware Esxi 6.0 600-201601102 All All
Operating System Vmware Esxi 6.0 600-201601401 All All
Operating System Vmware Esxi 6.0 600-201601402 All All
Operating System Vmware Esxi 6.0 600-201601403 All All
Operating System Vmware Esxi 6.0 600-201601404 All All
Operating System Vmware Esxi 6.0 600-201601405 All All
Operating System Vmware Esxi 6.0 600-201602401 All All
Operating System Vmware Esxi 6.0 600-201603101 All All
Operating System Vmware Esxi 6.0 600-201603102 All All
Operating System Vmware Esxi 6.0 600-201603201 All All
Operating System Vmware Esxi 6.0 600-201603202 All All
Operating System Vmware Esxi 6.0 600-201603203 All All
Operating System Vmware Esxi 6.0 600-201603204 All All
Operating System Vmware Esxi 6.0 600-201603205 All All
Operating System Vmware Esxi 6.0 600-201603206 All All
Operating System Vmware Esxi 6.0 600-201603207 All All
Operating System Vmware Esxi 6.0 600-201603208 All All
Operating System Vmware Esxi 6.0 600-201605401 All All
Operating System Vmware Esxi 6.0 600-201608101 All All
Operating System Vmware Esxi 6.0 600-201608401 All All
Operating System Vmware Esxi 6.0 600-201608402 All All
Operating System Vmware Esxi 6.0 600-201608403 All All
Operating System Vmware Esxi 6.0 600-201608404 All All
Operating System Vmware Esxi 6.0 600-201608405 All All
Operating System Vmware Esxi 6.0 600-201610410 All All
Operating System Vmware Esxi 6.0 600-201611401 All All
Operating System Vmware Esxi 6.0 600-201611402 All All
Operating System Vmware Esxi 6.0 600-201611403 All All
Operating System Vmware Esxi 6.0 600-201702101 All All
Operating System Vmware Esxi 6.0 600-201702102 All All
Operating System Vmware Esxi 6.0 600-201702201 All All
Operating System Vmware Esxi 6.0 600-201702202 All All
Operating System Vmware Esxi 6.0 600-201702203 All All
Operating System Vmware Esxi 6.0 600-201702204 All All
Operating System Vmware Esxi 6.0 600-201702205 All All
Operating System Vmware Esxi 6.0 600-201702206 All All
Operating System Vmware Esxi 6.0 600-201702207 All All
Operating System Vmware Esxi 6.0 600-201702208 All All
Operating System Vmware Esxi 6.0 600-201702209 All All
Operating System Vmware Esxi 6.0 600-201702210 All All
Operating System Vmware Esxi 6.0 600-201702211 All All
Operating System Vmware Esxi 6.0 600-201702212 All All
Operating System Vmware Esxi 6.0 600-201703401 All All
Operating System Vmware Esxi 6.0 600-201706101 All All
Operating System Vmware Esxi 6.0 600-201706102 All All
Operating System Vmware Esxi 6.0 600-201706103 All All
Operating System Vmware Esxi 6.0 600-201706401 All All
Operating System Vmware Esxi 6.0 600-201706402 All All
Operating System Vmware Esxi 6.0 600-201706403 All All
Operating System Vmware Esxi 6.0 600-201710301 All All
Operating System Vmware Esxi 6.0 600-201811001 All All
Operating System Vmware Esxi 6.0 600-201811401 All All
Operating System Vmware Esxi 6.0 600-201903001 All All
Operating System Vmware Esxi 6.0 600-201905001 All All
Operating System Vmware Esxi 6.0 600-201909001 All All
Operating System Vmware Esxi 6.5 - All All
Operating System Vmware Esxi 6.5 650-201701001 All All
Operating System Vmware Esxi 6.5 650-201703001 All All
Operating System Vmware Esxi 6.5 650-201703002 All All
Operating System Vmware Esxi 6.5 650-201704001 All All
Operating System Vmware Esxi 6.5 650-201707101 All All
Operating System Vmware Esxi 6.5 650-201707102 All All
Operating System Vmware Esxi 6.5 650-201707103 All All
Operating System Vmware Esxi 6.5 650-201707201 All All
Operating System Vmware Esxi 6.5 650-201707202 All All
Operating System Vmware Esxi 6.5 650-201707203 All All
Operating System Vmware Esxi 6.5 650-201707204 All All
Operating System Vmware Esxi 6.5 650-201707205 All All
Operating System Vmware Esxi 6.5 650-201707206 All All
Operating System Vmware Esxi 6.5 650-201707207 All All
Operating System Vmware Esxi 6.5 650-201707208 All All
Operating System Vmware Esxi 6.5 650-201707209 All All
Operating System Vmware Esxi 6.5 650-201707210 All All
Operating System Vmware Esxi 6.5 650-201707211 All All
Operating System Vmware Esxi 6.5 650-201707212 All All
Operating System Vmware Esxi 6.5 650-201707213 All All
Operating System Vmware Esxi 6.5 650-201707214 All All
Operating System Vmware Esxi 6.5 650-201707215 All All
Operating System Vmware Esxi 6.5 650-201707216 All All
Operating System Vmware Esxi 6.5 650-201707217 All All
Operating System Vmware Esxi 6.5 650-201707218 All All
Operating System Vmware Esxi 6.5 650-201707219 All All
Operating System Vmware Esxi 6.5 650-201707220 All All
Operating System Vmware Esxi 6.5 650-201707221 All All
Operating System Vmware Esxi 6.5 650-201710001 All All
Operating System Vmware Esxi 6.5 650-201712001 All All
Operating System Vmware Esxi 6.5 650-201803001 All All
Operating System Vmware Esxi 6.5 650-201806001 All All
Operating System Vmware Esxi 6.5 650-201808001 All All
Operating System Vmware Esxi 6.5 650-201810001 All All
Operating System Vmware Esxi 6.5 650-201810002 All All
Operating System Vmware Esxi 6.5 650-201811001 All All
Operating System Vmware Esxi 6.5 650-201811002 All All
Operating System Vmware Esxi 6.5 650-201811301 All All
Operating System Vmware Esxi 6.5 650-201901001 All All
Operating System Vmware Esxi 6.5 650-201903001 All All
Operating System Vmware Esxi 6.5 650-201905001 All All
Operating System Vmware Esxi 6.7 - All All
Operating System Vmware Esxi 6.7 670-201806001 All All
Operating System Vmware Esxi 6.7 670-201807001 All All
Operating System Vmware Esxi 6.7 670-201808001 All All
Operating System Vmware Esxi 6.7 670-201810001 All All
Operating System Vmware Esxi 6.7 670-201810101 All All
Operating System Vmware Esxi 6.7 670-201810102 All All
Operating System Vmware Esxi 6.7 670-201810103 All All
Operating System Vmware Esxi 6.7 670-201810201 All All
Operating System Vmware Esxi 6.7 670-201810202 All All
Operating System Vmware Esxi 6.7 670-201810203 All All
Operating System Vmware Esxi 6.7 670-201810204 All All
Operating System Vmware Esxi 6.7 670-201810205 All All
Operating System Vmware Esxi 6.7 670-201810206 All All
Operating System Vmware Esxi 6.7 670-201810207 All All
Operating System Vmware Esxi 6.7 670-201810208 All All
Operating System Vmware Esxi 6.7 670-201810209 All All
Operating System Vmware Esxi 6.7 670-201810210 All All
Operating System Vmware Esxi 6.7 670-201810211 All All
Operating System Vmware Esxi 6.7 670-201810212 All All
Operating System Vmware Esxi 6.7 670-201810213 All All
Operating System Vmware Esxi 6.7 670-201810214 All All
Operating System Vmware Esxi 6.7 670-201810215 All All
Operating System Vmware Esxi 6.7 670-201810216 All All
Operating System Vmware Esxi 6.7 670-201810217 All All
Operating System Vmware Esxi 6.7 670-201810218 All All
Operating System Vmware Esxi 6.7 670-201810219 All All
Operating System Vmware Esxi 6.7 670-201810220 All All
Operating System Vmware Esxi 6.7 670-201810221 All All
Operating System Vmware Esxi 6.7 670-201810222 All All
Operating System Vmware Esxi 6.7 670-201810223 All All
Operating System Vmware Esxi 6.7 670-201810224 All All
Operating System Vmware Esxi 6.7 670-201810225 All All
Operating System Vmware Esxi 6.7 670-201810226 All All
Operating System Vmware Esxi 6.7 670-201810227 All All
Operating System Vmware Esxi 6.7 670-201810228 All All
Operating System Vmware Esxi 6.7 670-201810229 All All
Operating System Vmware Esxi 6.7 670-201810230 All All
Operating System Vmware Esxi 6.7 670-201810231 All All
Operating System Vmware Esxi 6.7 670-201810232 All All
Operating System Vmware Esxi 6.7 670-201810233 All All
Operating System Vmware Esxi 6.7 670-201810234 All All
Operating System Vmware Esxi 6.7 670-201811001 All All
Operating System Vmware Esxi 6.7 670-201901001 All All
Operating System Vmware Esxi 6.7 670-201901401 All All
Operating System Vmware Esxi 6.7 670-201901402 All All
Operating System Vmware Esxi 6.7 670-201901403 All All
Operating System Vmware Esxi 6.7 670-201903001 All All
Operating System Vmware Esxi 6.7 670-201904001 All All
Operating System Vmware Esxi 6.0 - All All
Operating System Vmware Esxi 6.5 - All All
Operating System Vmware Esxi 6.7 - All All

References

ReferenceSourceLinkTags
Full Disclosure: SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
Full Disclosure: SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
Full Disclosure: SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
[SECURITY] [DLA 1445-1] busybox security update MLIST lists.debian.org Mailing List, Third Party Advisory
Bugtraq: SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series BUGTRAQ seclists.org Exploit, Mailing List, Third Party Advisory
Busybox Shell Vulnerability | CVE-2017-16544 | Twistlock Alerts MISC www.twistlock.com Third Party Advisory
Full Disclosure: SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox ≈ Packet Storm MISC packetstormsecurity.com Exploit, Third Party Advisory, VDB Entry
USN-3935-1: BusyBox vulnerabilities | Ubuntu security notices | Ubuntu UBUNTU usn.ubuntu.com Third Party Advisory
Bugtraq: SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X BUGTRAQ seclists.org Exploit, Mailing List, Third Party Advisory
VMSA-2019-0013.1 CONFIRM www.vmware.com Third Party Advisory
Full Disclosure: SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor ≈ Packet Storm MISC packetstormsecurity.com
VMware Security Advisory 2019-0013 ≈ Packet Storm MISC packetstormsecurity.com Exploit, Third Party Advisory, VDB Entry
Full Disclosure: SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series FULLDISC seclists.org
[SECURITY] [DLA 2559-1] busybox security update MLIST lists.debian.org Mailing List, Third Party Advisory
Red Lion N-Tron 702-W, 702M12-W | CISA MISC us-cert.cisa.gov Third Party Advisory, US Government Resource
busybox - BusyBox: The Swiss Army Knife of Embedded Linux MISC git.busybox.net Patch, Vendor Advisory
Full Disclosure: SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W FULLDISC seclists.org Exploit, Mailing List, Third Party Advisory
Full Disclosure: SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series FULLDISC seclists.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 500077 Alpine Linux Security Update for busybox
  • 503753 Alpine Linux Security Update for busybox
  • 591324 Phoenix Contact TC Router and TC Cloud Client Multiple Vulnerabilities (VDE-2020-003)
  • 710218 Gentoo Linux BusyBox Multiple Vulnerabilities (GLSA 201803-12)
  • 751624 SUSE Enterprise Linux Security Update for busybox (SUSE-SU-2022:0135-1)
  • 751633 OpenSUSE Security Update for busybox (openSUSE-SU-2022:0135-1)
  • 752794 SUSE Enterprise Linux Security Update for busybox (SUSE-SU-2022:3959-1)
  • 752903 SUSE Enterprise Linux Security Update for busybox (SUSE-SU-2022:4253-1)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report