
CVE-2022-25973: mc-kill-port vulnerable to Arbitrary Command Execution via kill function

CVSS Score: 7.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.33755%
Published: 8/11/2022
Updated: 1/27/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name    Ecosystem    Vulnerable Versions    First Patched Version
mc-kill-port    npm          <= 1.0.1               none listed

Vulnerability Intelligence

Miggo AI Root Cause Analysis

  1. Multiple sources explicitly name the `kill` function as the vulnerable entry point.
  2. The CWE-88 classification (Improper Neutralization of Argument Delimiters in a Command, "Argument Injection") indicates that the flaw is an argument injected into a command that the package executes.
  3. The PoC demonstrates command injection through the port parameter.
  4. The package's functionality inherently requires executing system commands to kill the process listening on a port, so the port value reaches a command line.
  5. The lack of sanitization of the port argument creates a direct path for command injection whenever that value originates from an untrusted source (for example a CLI argument, a configuration file, or a request parameter).
  6. The standard npm package structure suggests that the main functionality is in index.js.


WAF Protection Rules

WAF Rule

All versions of package mc-kill-port are vulnerable to arbitrary command execution via the `kill` function, due to missing sanitization of the `port` argument.
