CVE-2021-26504

Description

Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.

Related CPE's

a dgtl huemagic 3.0.0 ****node.js **

References

https://github.com/Foddy/node-red-contrib-huemagic/issues/217

ExploitIssue TrackingPatch

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io