← Back

Raspberrytortoise

raspberrytortoise

Vendor: Raspberrytorte • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-15477
1Raspberrytorte
1Raspberrytortoise
Nov 21, 2024
Jul 23, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString befo...Show more
The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function.Show less