Saturday, October 9, 2021

Command Injection - python-openzwave [,0.4.19)


python-openzwave is a python_openzwave is a python wrapper for the openzwave c++ library.

Affected versions of this package are vulnerable to Command Injection due to unsafe use of the os.system() in update_ozw_config.


Upgrade python-openzwave to version 0.4.19 or higher.



Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore