CHAOS 安全漏洞

github Chaos is a software application. Visualize the connection between Chaos Theory and Fractals via Logical Mapping;. A security vulnerability exists in CHAOS. A remote attacker can exploit this vulnerability to execute arbitrary code by insecurely concatenating the "filename" parameter to the...

Node.js third-party modules: [wireguard-wrapper] Command Injection via insecure command concatenation

I would like to report a Command Injection issue in the wireguard-wrapper module. It allows to execute arbitrary commands on the victim's PC. Module module name: wireguard-wrapper version: 1.0.2 npm page: https://www.npmjs.com/package/wireguard-wrapper Module Description This project is a nodejs...