The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HNode.js
APPNodejs6.0.0 – 6.8.16.9.0 – 6.14.0 (bez)8.0.0 – 8.8.18.9.0 – 8.11.0 (bez)9.0.0 – 9.10.0 (bez)
Powiązane podatności
Node.js TLS: błąd obsługi hostname z null-bajtem prowadzi do przekierowania authority
Obejście modelu uprawnień w Node.js poprzez spreparowane symlinki
Node.js: obejście modelu uprawnień przez Unix Domain Socket
Command injection w aplikacjach Windows korzystających z CreateProcess
Path traversal w Permission Model Node.js przez monkey-patching Buffer