# Impact

A command injection vulnerability exists in electerm's file system operations (rmrf, mv, cp) in src/app/lib/fs.js. These functions construct shell commands by interpolating file paths directly into command strings without escaping shell metacharacters.
| Field | Value |
|---|---|
| CVE ID | CVE-2026-49255 |
| Vendor | npm |
| Affected Product | electerm |
| Vulnerability Type | Vulnerability |
| CVSS Score | 8.8 (HIGH) |
| Actively Exploited | ❌ No known exploitation |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories) |
Vulnerable functions:

- rmrf() uses `rm -rf "${path}"` (double quotes, vulnerable to `"` injection)
- mv() uses `mv '${from}' '${to}'` (single quotes, vulnerable to `'` injection)
- cp() uses `cp -r "${from}" "${to}"` (double quotes, vulnerable to `"` injection)

Attack scenario:

1. Attacker controls a malicious SSH/SFTP server.
2. Server lists files with shell metacharacters in names (e.g., `file"$(touch /tmp/pwned)"`).
3. Victim connects to the server and performs file operations (remote-to-local transfe