Overview
Versions of samsung-remote
before 1.3.5 are vulnerable to command injection. This vulnerability is exploitable if user input is passed into the ip
option of the package constructor.
Remediation
Update to version 1.3.5 or later.
Resources
Have content suggestions? Visit npmjs.com/support.
Advisory timeline
Created
2018-11-07T22:21:37.901Updated
2018-11-07T22:21:45.927