CVE-2020-23256
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in npm/electerm
Identifiers
GHSA-x73w-g8hx-v7rp, CVE-2020-23256
Package Slug
npm/electerm
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.
Affected Versions
All versions up to 1.3.22
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-01-30
| source |