Homepage

macfromip@1.1.0 vulnerabilities

On given an IP Address, will attempt to identify that IP's MAC address.

  • latest version

    1.1.1

  • first published

    9 years ago

  • latest version published

    9 years ago

  • licenses detected

  • View macfromip package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the macfromip package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Command Injection

    macfromip is a module that gets a MAC address from a LAN IP address

    Affected versions of this package are vulnerable to Command Injection. The injection points are located in lines 66 and 96 in macfromip.js.

    PoC

    var a = require("macfromip");
a.getMacInLinux("& touch JHU", function(){});
a.getMacInWin32("& touch JHU2 &", function(){});

    How to fix Command Injection?

    There is no fixed version for macfromip.

    *
    Go back to all versions of this package