node-scp

vulnerability code injection
severity 3.8
language javascript
registry npm

Overview

Affected versions execute arbitrary commands remotely inside the victim's PC. The issue occurs because user input is formatted inside a command that will be executed without any checks.