A vulnerability was found in windows-selenium-chromedriver on Node.js (JavaScript Library) (version now known). It has been rated as critical. Affected by this issue is some unknown processing of the component Download. The manipulation with an unknown input leads to a cryptographic issues vulnerability. Using CWE to declare the problem leads to CWE-310. Impacted is confidentiality, integrity, and availability. CVE summarizes:

windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.

The bug was discovered 01/01/2017. The weakness was published 06/04/2018 (Website). The advisory is shared for download at nodesecurity.io. This vulnerability is handled as CVE-2016-10687 since 10/29/2017. The attack may be launched remotely. No form of authentication is required for exploitation. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1600.

The vulnerability was handled as a non-public zero-day exploit for at least 519 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• JavaScript Library

Name

• windows-selenium-chromedriver

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion