OS Command Injection in enpeem

2021-04-13T15:22:47
ID GHSA-HMW2-MVVH-JF5J
Type github
Reporter GitHub Advisory Database
Modified 2021-04-13T15:22:47

Description

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.