CVE-2022-25973
HIGHmc-kill-port - Arbitrary Command Execution via Port Argument Injection
Title source: llmDescription
All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://security.snyk.io/vuln/SNYK-JS-MCKILLPORT-2419070
Product, Third Party Advisory x_refsource_misc
https://www.npmjs.com/package/mc-kill-port
Scores
CVSS v3
7.8
EPSS
0.0045
EPSS Percentile
35.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-88
Status
published
Products (2)
mc-kill-port_project/mc-kill-port
npm/mc-kill-port
0npm
Published
Aug 10, 2022
Tracked Since
Feb 18, 2026