Command Injection

Module: macaddress

Published: May 16th, 2018

Reported by: Сковорода Никита Андреевич

CVE-NONE

CWE-78

Vulnerable: All
Patched: None

Overview

All versions of macaddress are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the iface argument to the one method.

Remediation

No fix is currently available for this vulnerability. It is our recommendation to not install or use this module until a fix is provided.

References