Arbitrary Command Execution Vulnerability in codem-transcode Node.js Module

Arbitrary Command Execution Vulnerability in codem-transcode Node.js Module

CVE-2013-7377 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe.

Learn more about our Web Application Penetration Testing UK.