Arbitrary Command Injection Vulnerability in macaddress Module for Node.js

Arbitrary Command Injection Vulnerability in macaddress Module for Node.js

CVE-2018-13797 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

Learn more about our Web Application Penetration Testing UK.