local-devices@2.0.0 vulnerabilities

Find devices connected to the current local network.

latest version

4.0.0
latest non vulnerable version

4.0.0
first published

7 years ago
latest version published

2 years ago
licenses detected
- MIT
  >=0
View local-devices package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the local-devices package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Arbitrary Code Injection local-devices is a for finding all devices connected to the local network. Affected versions of this package are vulnerable to Arbitrary Code Injection. The package does not validate input on ip addresses and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system. How to fix Arbitrary Code Injection? Upgrade `local-devices` to version 3.0.0 or higher.	<3.0.0

Arbitrary Code Injection

local-devices is a for finding all devices connected to the local network.

Affected versions of this package are vulnerable to Arbitrary Code Injection. The package does not validate input on ip addresses and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system.

How to fix Arbitrary Code Injection?

Upgrade local-devices to version 3.0.0 or higher.

<3.0.0

Go back to all versions of this package

local-devices@2.0.0 vulnerabilities

Find devices connected to the current local network.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities