Malicious Package
Affecting rrgod package, ALL versions
Overview
rrgod is a Malicious Package.
This package downloads and executes a python script from http://static.ricterz.me via preinstall, postinstall and install scripts. That script is trying to fetch and execute another script from ricterz.me:8889 which is currently down. The python script from http://static.ricterz.me is saved in shell.py
.
Remediation
Avoid using rrgod
altogether.
References
Do your applications use this vulnerable package?
CVSS Score
9.8
high severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityHigh
-
IntegrityHigh
-
AvailabilityHigh
- Credit
- Unknown
- CWE
- CWE-506
- Snyk ID
- SNYK-JS-RRGOD-73507
- Disclosed
- 10 Jan, 2019
- Published
- 15 Jan, 2019