Versions of samsung-remote
before 1.3.5 are vulnerable to command injection. This vulnerability is exploitable if user input is passed into the ip
option of the package constructor.
Update to version 1.3.5 or later.
Vendor | Product | Version | CPE |
---|---|---|---|
* | samsung-remote | * | cpe:2.3:a:*:samsung-remote:*:*:*:*:*:*:*:* |