PT-2023-20507 · Node.Js · Node.Js

Published: 2023-05-27 · Updated: 2025-01-13 · CVE-2023-26127

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: n158, all versions

Description: The issue arises from improper input sanitization in the module.exports function, leading to Command Injection. To potentially exploit this, an attacker must have the ability to run Node.js code within the target environment, which typically requires some level of access to the system or application hosting the Node.js environment.

Recommendations: For all versions, consider restricting access to the module.exports function until a patch is available. As a temporary workaround, limiting the ability to run Node.js code within the target environment can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Command Injection

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2023-26127
GHSA-549H-R7G9-2QPF

Affected Products

Node.Js