CVE-2022-31179

Public Exploit

Insufficient escaping of line feeds for CMD in shescape

Description

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape (any API function) to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by including a line feed character (`'\n'`) in the payload. This bug has been patched in [v1.5.8] which you can upgrade to now. No further changes are required. Alternatively, line feed characters (`'\n'`) can be stripped out manually or the user input can be made the last argument (this only limits the impact).

References

Link	Tags
https://github.com/ericcornelissen/shescape/releases/tag/v1.5.8	third party advisory release notes
https://github.com/ericcornelissen/shescape/security/advisories/GHSA-jjc5-fp7p-6f8w	patch third party advisory exploit
https://github.com/ericcornelissen/shescape/pull/332	third party advisory patch

Frequently Asked Questions

What is the severity of CVE-2022-31179?: CVE-2022-31179 has been scored as a high severity vulnerability.
How to fix CVE-2022-31179?: To fix CVE-2022-31179, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-31179 being actively exploited in the wild?: It is possible that CVE-2022-31179 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-31179?: CVE-2022-31179 affects ericcornelissen shescape.

Description

Category

CWE-74 – Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

References

Frequently Asked Questions