Arduino · Arduino-App-Lab · CVE-2026-25933
**Name of the Vulnerable Software and Affected Versions**
Arduino App Lab versions prior to 0.4.0
**Description**
Arduino App Lab, a cross-platform IDE for developing Arduino Apps, contains a flaw in its Terminal component. Data received from connected hardware devices, specifically the `info.Serial` and `info.Address` metadata fields, is not sufficiently sanitized or validated, which allows for potential code execution. An attacker needs physical access to a compromised board in order to supply crafted strings containing shell metacharacters. When the host system processes these fields, the crafted strings are executed with the privileges of the user running the application.
**Recommendations**
Update to version 0.4.0 or later.
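
For developers handling device-supplied metadata in their own tools, the following added example (not Arduino App Lab code and not taken from the 0.4.0 fix) shows allowlist validation of the two fields named above, followed by building an argument vector instead of a shell string. The `DeviceInfo` struct, the accepted formats, and the `terminal-helper` command name are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
	"regexp"
)

// DeviceInfo is a hypothetical stand-in for the record holding the two
// device-supplied fields named in the advisory.
type DeviceInfo struct {
	Serial  string
	Address string
}

// Assumed formats: alphanumeric serials, and a serial-port path or IP address.
var (
	serialRe = regexp.MustCompile(`^[A-Za-z0-9]{1,64}$`)
	portRe   = regexp.MustCompile(`^(/dev/(tty|cu\.)[A-Za-z0-9._-]{1,64}|COM[0-9]{1,3})$`)
)

// ValidateDevice rejects any field that does not match the allowlist.
func ValidateDevice(info DeviceInfo) error {
	if !serialRe.MatchString(info.Serial) {
		return fmt.Errorf("rejected serial %q", info.Serial)
	}
	if portRe.MatchString(info.Address) {
		return nil
	}
	// ParseAddr accepts an arbitrary IPv6 zone after '%', so zones are refused.
	if ip, err := netip.ParseAddr(info.Address); err == nil && ip.Zone() == "" {
		return nil
	}
	return fmt.Errorf("rejected address %q", info.Address)
}

// TerminalArgv builds an argument vector for exec.Command-style execution, so
// validated values are passed as discrete arguments and never parsed by a shell.
// "terminal-helper" and its flags are placeholders.
func TerminalArgv(info DeviceInfo) ([]string, error) {
	if err := ValidateDevice(info); err != nil {
		return nil, err
	}
	return []string{"terminal-helper", "--serial", info.Serial, "--address", info.Address}, nil
}

func main() {
	// Constructed sample records: one well-formed, one carrying shell metacharacters.
	for _, d := range []DeviceInfo{{"3A7F00C21B", "/dev/ttyACM0"}, {"AB12$(id)", "COM3"}} {
		argv, err := TerminalArgv(d)
		fmt.Println(argv, err)
	}
}
```

Validation and shell-free execution are complementary: the allowlist stops malformed metadata at the boundary, and the argument vector keeps any value that does get through from being interpreted as shell syntax.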