6 matches found
CVE-2023-2564
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0...
CVE-2023-2564
creationtimestamp| type| source ---|---|--- 2023-05-07 19:29:42+00:00| seen| https://t.me/cibsecurity/63407...
CVE-2023-2564
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0...
CVE-2023-2564 OS Command Injection in sbs20/scanservjs
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0...
CVE-2023-2564 OS Command Injection in sbs20/scanservjs
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0...
CVE-2023-2564
CVE-2023-2564 describes an OS Command Injection in sbs20/scanservjs before v2.27.0. The vulnerability arises in the server’s REST APIs for scanning and preview, where arrays of strings in POST bodies are interpolated into shell commands (via Process.spawn/scanimage), allowing an attacker to injec...