cmderdev/cmder

Cmder Console Emulator 1.3.18 contains a buffer overflow vulnerability that allows attackers to trigger a denial of service condition through a maliciously crafted .cmd file. Attackers can create a specially constructed .cmd file with repeated characters to overwhelm the console emulator's buffer and crash the application.

ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands.