PT-2018-6100 · Npm · Nodemailer-Js
Published: 2018-06-07 · Updated: 2019-10-09
CVE-2017-16072
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
nodemailer.js (affected versions not specified)
Description:
The nodemailer.js package is a piece of malware designed to steal environment variables and send them to attacker-controlled locations. All versions have been unpublished from the npm registry. If installed, the primary concern is determining how it was introduced into the environment.
Recommendations:
- Delete the nodemailer.js package.
- Clear your npm cache.
- Ensure it is not present in any other package.json files on your system.
- Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables. As a precaution, review any services exposed via credentials in your environment variables, such as databases, for indicators of compromise.
Fix
RCE
Information Disclosure
Related identifiers
Affected products
Nodemailer-Js