GHSA-4x6x-782q-jfc4

Описание

Versions of node-wifi prior to 2.0.12 are vulnerable to Command Injection. The package fails to sanitize user input, allowing attackers to inject commands through the ssid variable and possibly achieving Remote Code Execution on the system.

Recommendation

No fix is currently available. Consider using an alternative package until a fix is made available.