Tag

Electerm

1 brief RSS

Electerm Command Injection Vulnerability via runLinux Function

A command injection vulnerability exists in electerm's install.js due to insufficient validation in the runLinux() function, allowing attackers to execute arbitrary commands by manipulating remote release metadata.

electerm command-injection npm

2r 1t Jan 3, 2024