Arbitrary File Write
Affecting innomon package, ALL versions
Do your applications use this vulnerable package?
Test your applications
Overview
innomon
is Innovation Services Monitor.
Affected versions of the package are vulnerable to Arbitrary File Write.
Thanks to Liang Gong for disclosing this vulnerability!
Remediation
There is no fix version for innomon
.
References
CVSS Score
7.3
high severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityLow
-
IntegrityLow
-
AvailabilityLow
- Credit
- Liang Gong
- CWE
- CWE-626
- Snyk ID
- npm:innomon:20170518
- Disclosed
- 18 May, 2017
- Published
- 07 Jun, 2017