CVE-2018-16461: Command Injection in libnmap
CVSS Score: 10

Basic Information
CVE ID: CVE-2018-16461
GHSA ID:
EPSS Score: 0.80205%
CWE:
Published: 11/1/2018
Updated: 9/7/2023
KEV Status: No
Technology: JavaScript

Technical Details
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
libnmap | npm | < 0.4.16 | 0.4.16 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The key vulnerability stemmed from improper order in regex validation within the validation class. The patch shows a critical reversal from 'opts.ports.match(regex)' to 'regex.match(opts.ports)', indicating the original pattern allowed user input to be treated as executable regex. This function processes user-supplied ports/range parameters that are directly used in nmap command construction, making it the injection vector. The POC's $(command) syntax would be interpreted during this validation phase when constructing system commands.
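
An added example, not code from libnmap or from this advisory: one way to keep user-supplied `ports` and `range` values out of a shell by checking them against an allow-list and passing them as an argument array. The helper names and the accepted port and target grammars are assumptions chosen for illustration.

```javascript
'use strict';
// Hypothetical helpers, not libnmap's API: check each option against an
// allow-list, then build an argument array instead of a shell command string.

// Assumed grammar: "80" or "1000-2000" items separated by commas.
const PORT_ITEM = /^(\d{1,5})(?:-(\d{1,5}))?$/;
// Assumed grammar: hostname, IPv4, CIDR or a.b.c.d-e; must start alphanumeric,
// so a value can never begin with "-" and be read by nmap as an option.
const TARGET = /^[A-Za-z0-9][A-Za-z0-9.:\/-]{0,254}$/;

function validatePorts(spec) {
  if (typeof spec !== 'string' || spec.length === 0 || spec.length > 1024) {
    return false;
  }
  return spec.split(',').every((item) => {
    const m = PORT_ITEM.exec(item);
    if (!m) return false;
    const lo = Number(m[1]);
    const hi = m[2] === undefined ? lo : Number(m[2]);
    return lo <= hi && hi <= 65535;
  });
}

function validateTarget(target) {
  return typeof target === 'string' && TARGET.test(target);
}

function buildNmapArgs(opts) {
  if (!validatePorts(opts.ports)) throw new Error('ports rejected');
  if (!Array.isArray(opts.range) || opts.range.length === 0 ||
      !opts.range.every(validateTarget)) {
    throw new Error('range rejected');
  }
  // One element per argument, for child_process.execFile('nmap', args):
  // execFile starts no shell, so metacharacters are never interpreted.
  return ['-p', opts.ports, ...opts.range];
}

// Constructed inputs; the third uses the $(command) form the page mentions.
for (const ports of ['22,80,1000-2000', '70000', '80,$(command)']) {
  console.log(JSON.stringify(ports), validatePorts(ports) ? 'accepted' : 'rejected');
}
```

Validation and shell-free execution are independent layers here: either one alone stops the `$(command)` form from being interpreted, and using both keeps a later regex mistake from reopening the issue.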