CVE-2020-7621

strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...

The vulnerability of the _nginxCmd() function of the Nginx web server control software, specifically the strong-nginx-controller, allows attackers to execute arbitrary commands.

The vulnerability of the nginxCmd function of the Nginx web server control software exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

OS Command Injection in strong-nginx-controller

strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...

GHSA-4V9W-PVWR-38H3 OS Command Injection in strong-nginx-controller

strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...

strong-arc (>=1.8.6 <=1.8.9), strong-mesh-client (>=1.3.5 <=2.0.2) +1 more potentially affected by CVE-2020-7621 via strong-nginx-controller (=1.0.2)

strong-nginx-controller NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on strong-nginx-controller and may be impacted: - strong-arc =1.8.6, =1.3.5, =6.0.1, =6.0.3 Source cves: CVE-2020-7621 Source advisory: OSV:GHSA-4V9W-PVWR-38H3...

@csltech/strong-nginx-controller (>=1.0.2 <=1.0.3), @csltech/strong-pm (>=7.0.0 <=7.0.2) +56 more potentially affected by CVE-2016-1000226 via swagger-ui (>=2.0.17 <=2.1.8-M1)

swagger-ui NPM version =2.0.17, =1.0.2, =7.0.0, =3.0.1, =2.0.0, =1.0.1, =1.0.1, =2.8.29, =1.0.1, =5.0.232, =0.0.1, =0.4.1, =1.0.1, =0.0.1, =0.0.27, =0.1.9 and more Source cves: CVE-2016-1000226 Source advisory: OSV:GHSA-7F59-X49P-V8MQ...

OS Command Injection

strong-nginx-controller is vulnerable to OS command injection. Lack of validation and sanitization of the action parameter allows an attacker to inject and execute arbitrary OS commands via the nginxCmd function...

Command injection

strong-nginx-controller through 1.0.2 is vulnerable to Command Injection. It allows execution of arbitrary command as part of the 'nginxCmd' function...

Command Injection

Overview strong-nginx-controller is a module that Provides reverse-proxy and load-balancning support for multiple strong-pm instances configured and run using StrongLoop Arc. Affected versions of this package are vulnerable to Command Injection. The first argument of function nginxCmd can be...

strong-arc (>=1.8.6 <=1.8.9), strong-mesh-client (>=1.3.5 <=2.0.2) +1 more potentially affected by CVE-2020-7621 via strong-nginx-controller (=1.0.2)

strong-nginx-controller NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on strong-nginx-controller and may be impacted: - strong-arc =1.8.6, =1.3.5, =6.0.1, =6.0.3 Source cves: CVE-2020-7621 Source advisory:...