Rewterz Threat Advisory – Multiple McAfee ePolicy Orchestrator Vulnerability
March 24, 2022Rewterz Threat Advisory – ICS: Multiple Delta Electronics DIAEnergie Vulnerabilities
March 24, 2022Rewterz Threat Advisory – Multiple McAfee ePolicy Orchestrator Vulnerability
March 24, 2022Rewterz Threat Advisory – ICS: Multiple Delta Electronics DIAEnergie Vulnerabilities
March 24, 2022Severity
High
Analysis Summary
CVE-2022-25766
Node.js ungit module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an argument injection in the /api/fetc endpoint. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-25766
Affected Vendors
- Node.js
Affected Products
- Node.js ungit module 1.5.10
Remediation
Upgrade to the latest version of Node.js, available from the NPM Web site.