Security Research

[CVE-2020-15779] Path Traversal in NPM module

Title: Path Traversal in NPM moduleDate: 18/05/2020CVE-ID: 2020-15779Advisory: Thomas SermpinisVersions: <= 2.0.31Package URL: on: node v10.19.0, v2.0.31, v2.3.0Proof of Concept: During one of my penetration tests for a local military equipment supplier, I faced a web application running on an embedded device that used web sockets in order to […]