Arbitrary Command Execution Vulnerability in Summit Node Web Framework
CVE-2017-16020 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name.
Learn more about our Web App Pen Testing.