The dns-sync module prior to 0.1.1 for node.js allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dns-sync project dns-sync |