Insecure Defaults Leads to Potential MITM in ezseed-transmission

ID GHSA-P788-RJ37-357W
Type github
Reporter GitHub Advisory Database
Modified 2021-09-23T21:28:15


Affected versions of ezseed-transmission download and run a script over an HTTP connection.

An attacker in a privileged network position could launch a Man-in-the-Middle attack and intercept the script, replacing it with malicious code, completely compromising the system running ezseed-transmission.


Update to version 0.0.15 or later.