devcert-sanscache is a package that can be used to generate trusted local SSL/TLS certificates for local SSL development.
Affected versions of this package are vulnerable to Command Injection. The variable commonName, which is controlled by user input, is used as part of the exec function call without any sanitization.
PoC by JHU System Security Lab
var root = require("devcert-sanscache");
var attack_code = "&touch Song&";
root(attack_code);
Upgrade devcert-sanscache to version 0.4.7 or higher.
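
The root cause described above, as an added example that is not the package's own code: a shell command string built from commonName, beside an allowlist check and an execFile() argument array. The helper names, the openssl command line and the hostname allowlist are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, not devcert-sanscache's own code.
const { execFileSync } = require("child_process");

// Allowlist for a certificate common name: DNS labels of letters, digits and
// hyphens, separated by dots, with an optional leading "*." wildcard.
const LABEL = "[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?";
const COMMON_NAME = new RegExp(`^(?:\\*\\.)?${LABEL}(?:\\.${LABEL})*$`);

function isValidCommonName(name) {
  return typeof name === "string" && name.length <= 253 && COMMON_NAME.test(name);
}

// The pattern the advisory describes: user input spliced into a string that
// exec() hands to a shell, so shell metacharacters in it are interpreted.
// Only built here for comparison, never executed.
function unsafeCommandString(commonName) {
  return `openssl req -new -subj /CN=${commonName}`; // constructed command line
}

// Hardened form: validate first, then return an argv array for execFile(),
// which starts the program directly with no shell in between.
function safeOpensslArgs(commonName) {
  if (!isValidCommonName(commonName)) {
    throw new Error("invalid common name: " + JSON.stringify(commonName));
  }
  return ["req", "-new", "-subj", `/CN=${commonName}`];
}

// Shows that execFile-style calls deliver a value as one literal argument.
// A child Node process stands in for the real tool and echoes its argument.
function echoViaExecFile(value) {
  const script = "process.stdout.write(process.argv[1])";
  return execFileSync(process.execPath, ["-e", script, value], { encoding: "utf8" });
}

const payload = "&touch Song&"; // the PoC string from the advisory
console.log(unsafeCommandString(payload));   // metacharacters reach the shell string
console.log(isValidCommonName(payload));     // rejected by the allowlist
console.log(safeOpensslArgs("localhost.test"));
console.log(JSON.stringify(echoViaExecFile(payload))); // arrives unchanged
```

Validation and the argument array are complementary: the allowlist rejects names that are not hostnames, and execFile() keeps any accepted value out of a shell.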