CVE-2018-3786
N/A
N/A
Summary
A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Egg | egg-scripts | 2.8.1 | affected |
Weaknesses
- CWE-77: Command Injection - Generic (CWE-77)
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/eggjs/egg-scripts/pull/26
- https://hackerone.com/reports/388936
- https://github.com/eggjs/egg-scripts/blob/2.8.1/History.md
References
- https://github.com/eggjs/egg-scripts/pull/26
- https://hackerone.com/reports/388936
- https://github.com/eggjs/egg-scripts/blob/2.8.1/History.md
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.