CVE-2016-10650

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-10650

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10650.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-10650

Aliases

GHSA-476p-r2wx-2wch

Published

2018-05-29T20:29:01.690Z

Modified

2026-03-14T09:18:22.987158Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.

References

https://nodesecurity.io/advisories/253

Affected packages

Git / github.com/shutterstock/ntfserver

Affected ranges

Type

GIT

Repo

https://github.com/shutterstock/ntfserver

Events

Introduced

Last affected

1559c2a94bc2655696817861af1c51f307e6d8dd

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.0.18"
        }
    ]
}

Affected versions

0.*

0.0.10

0.0.11

0.0.12

0.0.13

0.0.14

0.0.15

0.0.16

0.0.17

0.0.18

0.0.2

0.0.3

0.0.4

0.0.5

0.0.6

0.0.7

0.0.8

0.0.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10650.json"