CVE-2016-10608

robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.

CVSS v3 7.5 HIGH
CVSS v2.0 9.3 HIGH

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability : 1.6 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://nodesecurity.io/advisories/201	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:getrobot:robot-js:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2018-06-01 18:29

Updated : 2019-10-09 23:16

NVD link : CVE-2016-10608

Mitre link : CVE-2016-10608

CVE.ORG link : CVE-2016-10608

JSON object : View

Products Affected

getrobot

robot-js

CWE

CWE-310

Cryptographic Issues

CWE-311

Missing Encryption of Sensitive Data

{"id": "CVE-2016-10608", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2018-06-01T18:29:01.397", "references": [{"url": "https://nodesecurity.io/advisories/201", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}, {"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."}, {"lang": "es", "value": "robot-js es un m\u00f3dulo de automatizaci\u00f3n del sistema nativo para Node.js. robot-js descarga recursos binarios por HTTP, lo que lo deja vulnerable a ataques MITM. Podr\u00eda ser posible provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) cambiando el binario solicitado por otro controlado por el atacante si \u00e9ste est\u00e1n en la red o posicionado entre el usuario y el servidor remoto."}], "lastModified": "2019-10-09T23:16:52.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:getrobot:robot-js:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "BB29BA8F-A1F9-45C8-9559-D0A3E0E6818E", "versionEndIncluding": "2.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}