CVE-2019-10796

Published February 24th, 2020

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

rpi through 0.0.3 allows execution of arbritary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the arguement of exec function without any sanitization.

xseignard/rpi

Yet another Node.js library to use the Raspberry Pi GPIOs.

GitHub