CVE-2016-10571

Name of the Vulnerable Software and Affected Versions bkjs-wand versions prior to 0.3.2

Description The issue concerns the insecure download of binary resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. If an attacker is positioned between the user and the remote server or is on the same network, they may intercept the response and replace the requested binary with a malicious one. This could potentially lead to remote code execution (RCE) on the system running the affected software.

Recommendations Update to version 0.3.2 or later.