HTTP: Electron Java Script Command Injection
This signature detects attempts to exploit a known command Injection vulnerability in Electron. It is due to application compiled with electron improperly validating user supplied inputs.A remote attacker can exploit this by enticing a target user to open a malicious link. In a successful attack could result in execution of arbitrary commands under security context of the user
Extended Description
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16.
Short Name
HTTP:STC:SCRIPT:ELECTRON-CMD-IN
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-1000006 Command Electron Injection Java Script bid:102796
Release Date
02/15/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3377
False Positive
Unknown
CVSS Score
9.3