OS Command Injection in Electron - CVE-2018-1000118
Published: March 7, 2018 / Updated: August 8, 2020
Vulnerability identifier: #VU37473
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-1000118
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Electron
Affected software:
Electron
Electron
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to have been fixed in Electron 1.8.2-beta.5. This issue is due to an incomplete fix for CVE-2018-1000006, specifically the black list used was not case insensitive allowing an attacker to potentially bypass it.
How to mitigate CVE-2018-1000118
Install update from vendor's website.