6 matches found
CVE-2022-25890
All versions of the package wifey are vulnerable to Command Injection via the connect function due to improper input sanitization...
wifey vulnerable to Command Injection due to improper input sanitization
All versions of the package wifey are vulnerable to Command Injection via the connect function due to improper input sanitization...
Command injection
All versions of the package wifey are vulnerable to Command Injection via the connect function due to improper input sanitization...
CVE-2022-25890
All versions of the package wifey are vulnerable to Command Injection via the connect function due to improper input sanitization...
CVE-2022-25890
The CVE-2022-25890 entry affects the Node.js package wifey , with a vulnerability in the connect() function that allows Command Injection due to improper input sanitization. Public references (e.g., Snyk, GitHub advisory) show a PoC exploit and indicate a lack of a fixed version, underscoring rea...
npm wifey 安全漏洞
npm wifey is a NodeJS tool for managing wifi from the US company npm. A security vulnerability exists in wifey, which stems from improper cleaning of user input. An attacker can exploit this vulnerability to perform command injection via the connect function...