wifiNetworks() fixed CWE-78 command injection issue (linux)

2026-02-14 11:09:05 +01:00
parent 41c7ea4ff8
commit 22242aa561
6 changed files with 28 additions and 7 deletions
@@ -44,6 +44,21 @@
            <div class="col-12 sectionheader">
              <div class="title">Security Advisories</div>
              <div class="text">
+                <h2>wifiNetworks Command Injection Vulnerability</h2>
+                <p><span class="bold">Affected versions:</span>
+                  &lt; 5.30.8<br>
+                  <span class="bold">Date:</span> 2026-02-14<br>
+                  <span class="bold">CVE indentifier</span> ...
+                </p>
+
+                <h4>Impact</h4>
+                <p>We had an issue that there was a possibility to perform a potential command injection possibility by manipulating SSIDs in <span class="code">wifiNetworks()</span> on linux machines.</p>
+
+                <h4>Patch</h4>
+                <p>Problem was fixed with parameter checking. If you are using version 5, please upgrade to version >= 5.30.8.</p>
+                <hr>
+                <br>
+
                <h2>fsSize Command Injection Vulnerability</h2>
                <p><span class="bold">Affected versions:</span>
                  &lt; 5.27.14<br>
@@ -58,7 +73,6 @@
                <p>Problem was fixed with parameter checking. If you are using version 5, please upgrade to version >= 5.27.14.</p>
                <hr>
                <br>
-
                <h2>SSID Command Injection Vulnerability</h2>
                <p><span class="bold">Affected versions:</span>
                  &lt; 5.23.7<br>