THREAT OPS › Threat News › Shift Happens – Uncovering Two Built-in Command Injections in Windows Context Menus
Shift Happens – Uncovering Two Built-in Command Injections in Windows Context Menus
<p class="wp-block-paragraph"><em><strong>TL;DR: </strong>Two command injection vulnerabilities exist in the Windows Explorer “Open PowerShell window here” context menu due to improper quoting and command injection through user-controlled folder paths. By creating folders with crafted names (e.g., <code>folder; calc</code>), an attacker can trigger arbitrary PowerShell command execution when a use
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
- PowerShellT1059.001
- Template InjectionT1221
- Generative AIAML.T0016.002