CVE-2018-21268

{"id": "CVE-2018-21268", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2020-06-25T17:15:11.567", "references": [{"url": "https://github.com/jaw187/node-traceroute/commit/b99ee024a01a40d3d20a92ad3769cc78a3f6386f", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/jaw187/node-traceroute/tags", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://medium.com/%40shay_62828/shell-command-injection-through-traceroute-npm-package-a4cf7b6553e3", "source": "cve@mitre.org"}, {"url": "https://snyk.io/vuln/npm:traceroute:20160311", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.linkedin.com/posts/op-innovate_shell-command-injection-through-traceroute-activity-6678956453086191616-Rcpy", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.npmjs.com/advisories/1465", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.npmjs.com/package/traceroute", "tags": ["Product", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.op-c.net/2020/06/17/shell-command-injection-through-traceroute-npm-package/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-74"}]}], "descriptions": [{"lang": "en", "value": "The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character."}, {"lang": "es", "value": "El paquete traceroute (tambi\u00e9n se conoce como node-traceroute) versiones hasta 1.0.0 para Node.js, permite una inyecci\u00f3n de comandos remota por medio del par\u00e1metro host. Esto ocurre porque es usado el m\u00e9todo Child.exec(), que es considerado no del todo seguro. En particular, un comando del Sistema Operativo puede ser colocado despu\u00e9s de un car\u00e1cter newline"}], "lastModified": "2023-11-07T02:56:25.940", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:traceroute_project:traceroute:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "10542A2B-9A3B-4F1B-A3E9-BF8BC7B5AE30", "versionEndIncluding": "1.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}