Insecure File Overwrite Vulnerability in node-cli Package

Insecure File Overwrite Vulnerability in node-cli Package

CVE-2016-10538 · MEDIUM Severity

AV:N/AC:M/AU:S/C:N/I:P/A:P

The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.

Learn more about our User Device Pen Test.