CVE-2021-26504

Published August 11th, 2023

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.

Foddy/node-red-contrib-huemagic

Philips Hue node to control bridges, lights, groups, motion sensors, temperature sensors and Lux sensors using Node-RED.

GitHub

202