macaddress

Command Injection

Severity: critical

Overview

All versions of macaddress are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the iface argument to the one method.

Remediation

Update to version 0.2.9 or later.

Vulnerable versions

0.2.6
3 years ago
0.2.7
3 years ago
0.2.8
3 years ago

Unaffected versions

0.2.9
2 months ago

Advisory timeline

  1. Published

    Advisory published
    May 16th, 2018
  2. Reported

    Initial report by Сковорода Никита Андреевич
    May 16th, 2018