CVE-2017-12581

NONE EPSS 93.1%
Published Aug 6, 2017 (8y ago) · Modified Jun 17, 2026 (2w ago)

Description

GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy (SOP) is a precondition; however, recent Electron versions do not have strict SOP enforcement. Combining an SOP bypass with a privileged URL internally used by Electron, it was possible to execute native Node.js primitives in order to run OS commands on the user's host. Specifically, a chrome-devtools://devtools/bundled/inspector.html window could be used to eval a Node.js child_process.execFile API call.

Threat Intelligence

EPSS Exploit Probability
93.1% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-78 OS Command Injection

Affected Products 1

Vendor    Product   Version  Range
electron  electron  *        ≤1.6.7

References 2

  • blog.doyensec.com https://blog.doyensec.com/2017/08/03/electron-framework-security.html
    Exploit, Technical Description, Third Party Advisory
  • doyensec.com https://doyensec.com/resources/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security.pdf
    Exploit, Technical Description, Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.