OS Command Injection

node-wifi is vulnerable to OS command injection. The vulnerability exists through the unsanitized value of ssid used in exec...

GHSA-4X6X-782Q-JFC4 Command Injection in node-wifi

Versions of node-wifi prior to 2.0.12 are vulnerable to Command Injection. The package fails to sanitize user input, allowing attackers to inject commands through the ssid variable and possibly achieving Remote Code Execution on the system. Recommendation No fix is currently available. Consider...

raspbian-wifi-node-js (>=1.0.0 <=1.0.3), raspbian-wifi-node-jsgit (=1.0.1) potentially affected by unknown CVE via node-wifi (=1.2.5)

node-wifi NPM version =1.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on node-wifi and may be impacted: - raspbian-wifi-node-js =1.0.0, =1.0.3 - raspbian-wifi-node-jsgit =1.0.1 Source cves: unknown CVE Source advisory: OSV:GHSA-4X6X-782Q-JFC4...

Command Injection in node-wifi

Versions of node-wifi prior to 2.0.12 are vulnerable to Command Injection. The package fails to sanitize user input, allowing attackers to inject commands through the ssid variable and possibly achieving Remote Code Execution on the system. Recommendation No fix is currently available. Consider...

Command Injection

Overview Versions of node-wifi prior to 2.0.12 are vulnerable to Command Injection. The package fails to sanitize user input, allowing attackers to inject commands through the ssid variable and possibly achieving Remote Code Execution on the system. Recommendation No fix is currently available...