Vulnerabilities > CVE-2022-25916 - Unspecified vulnerability in Mt7688-Wiscan Project Mt7688-Wiscan 0.8.2

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

mt7688-wiscan-project

NVD

Published: 2023-02-01

Updated: 2024-11-21

Summary

Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function.

Vulnerable Configurations

Part	Description	Count
Application	Mt7688-Wiscan_Project Mt7688 Wiscan Project Mt7688 Wiscan - Mt7688 Wiscan Project Mt7688 Wiscan 0.8.2	2

References

https://github.com/simenkid/mt7688-wiscan/blob/master/index.js%23L22
https://github.com/simenkid/mt7688-wiscan/blob/master/index.js%23L22
https://github.com/simenkid/mt7688-wiscan/commit/ff6d6567c65b4e972916a8fbc4533212f20a2fa5
https://github.com/simenkid/mt7688-wiscan/commit/ff6d6567c65b4e972916a8fbc4533212f20a2fa5
https://security.snyk.io/vuln/SNYK-JS-MT7688WISCAN-3177394
https://security.snyk.io/vuln/SNYK-JS-MT7688WISCAN-3177394