4 matches found
GHSA-5H8C-8CCP-8GMH mt7688-wiscan is vulnerable to Command Injection due to improper input sanitization
Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function...
CVE-2022-25916
Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function...
CVE-2022-25916
Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function. PoC javascript var wiscan = require'mt7688-wiscan'; wiscan.scan';touch EXPLOITED;', function; Remediation Upgrade mt7688-wiscan to version 0.8.3 or...