Node.js - Remote Code Execution (CVE-2022-29078)
- Severity
- CVSSv3 Score
- 9.8
- Exploitable with Sniper
- Yes
- Vulnerability description
The Node.js server is vulnerable to CVE-2022-29078, a Remote Code Execution vulnerability affecting the EJS (aka Embedded JavaScript templates) package. The EJS package 3.1.6 for Node.js allows server-side template injection in
settings[view options][outputFunctionName]. This overwrites the outputFunctionName option with an arbitrary OS command which is executed upon template compilation.- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the server in order to steal confidential information, install ransomware, or pivot to the internal network.
- Recommendation
Upgrade the EJS package to the latest version.
- Detectable with
- Network Scanner
- Vuln date
- Apr 2022
- Published at
- Updated at
- Software Type
- Runtime environment
- Vendor
- OpenJS Foundation
- Product
- Node.js
- Codename
- Not available