CVE-2024-22169 | Western Digital WD Discovery 3.8.229/4.0.251.0/4.4.396 Node.js ELECTRON_RUN_AS_NODE code injection

Inserito da Angelo Barbosa | Ago 2, 2024 | CVE

A vulnerability was found in Western Digital WD Discovery 3.8.229/4.0.251.0/4.4.396. It has been classified as critical. This affects an unknown part of the component Node.js. The manipulation of the argument ELECTRON_RUN_AS_NODE leads to code injection.

This vulnerability is uniquely identified as CVE-2024-22169. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22169 | Western Digital WD Discovery 3.8.229/4.0.251.0/4.4.396 Node.js ELECTRON_RUN_AS_NODE code injection

Post correlati

CVE-2024-2813 | Tenda AC15 15.03.20_multi fast_setting_wifi_set form_fast_setting_wifi_set ssid stack-based overflow

CVE-2024-5220 | ND Shortcodes Plugin up to 7.5 on WordPress cross site scripting

CVE-2023-6854 | Breakdance Plugin up to 1.7.0 on WordPress postmeta cross site scripting

CVE-2024-4145 | Search & Replace Plugin up to 3.2.1 on WordPress sql injection