Nuprocess is vulnerable to command injection. The vulnerability exists because NuProcess is missing a check in run
and start
functions of NuProcessBuilder.java
which enables the attackers to use NULL characters in their strings to perform a command line injection.