Описание
Node-Traceroute RCE Vulnerability
The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-21268
- https://github.com/jaw187/node-traceroute/commit/b99ee024a01a40d3d20a92ad3769cc78a3f6386f
- https://github.com/jaw187/node-traceroute/tags
- https://medium.com/@shay_62828/shell-command-injection-through-traceroute-npm-package-a4cf7b6553e3
- https://snyk.io/vuln/npm:traceroute:20160311
- https://www.linkedin.com/posts/op-innovate_shell-command-injection-through-traceroute-activity-6678956453086191616-Rcpy
- https://www.npmjs.com/advisories/1465
- https://www.op-c.net/2020/06/17/shell-command-injection-through-traceroute-npm-package
Пакеты
Наименование
traceroute
npm
Затронутые версииВерсия исправления
<= 1.0.0
Отсутствует
Связанные уязвимости
CVSS3: 10
nvd
больше 5 лет назад
The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.