Typescript Command Injection In Exec
Description
Detects potential command injection vulnerabilities in TypeScript code where unsanitized input is passed to command execution functions. Node's exec() and execSync() hand their command string to a shell (/bin/sh -c on POSIX, cmd.exe on Windows), so shell metacharacters such as ;, |, && or $( ) in the input are interpreted as command syntax rather than as data. An attacker who controls any part of that string can therefore run arbitrary system commands with the privileges of the Node process, which may lead to full server compromise.
Detection Strategy
• Identifies calls to child_process command execution functions such as exec(), execSync(), spawn() or execFile() in TypeScript code
• Checks whether the command string (or the argument array, when the call sets shell: true) contains or is derived from external input
• Reports a vulnerability when a command execution function receives dynamic or user-controlled input without proper sanitization or an allowlist check
• Examines string concatenation and template literals used to build the command
• Traces data flow to determine whether a command parameter originates from an unsafe source such as an HTTP request parameter or a file read
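The strategy above, applied by a small single-file heuristic. This is an added example and not Fluid Attacks' own rule: a production rule works on the TypeScript AST and follows data flow across functions, whereas this one reads one file line by line and only shows the shape of each check (sink matching, constant versus dynamic command, following const definitions, and the shell: true case). The SAMPLE source it scans is constructed for the example.

```typescript
// Added example, not Fluid Attacks' rule: a line-oriented heuristic that applies
// the detection strategy. Names (SINKS, Finding, scan, SAMPLE) are assumptions.
const SINKS = ["exec", "execSync", "spawn", "spawnSync", "execFile", "execFileSync"];

interface Finding {
  line: number;   // 1-based line of the sink call
  sink: string;   // child_process function that was called
  reason: string; // why the call was reported
}

// Returns the text of the call's first argument, starting at `from` (just after
// the opening parenthesis), honouring quotes, template literals and nesting.
function firstArgument(src: string, from: number): string {
  let depth = 0;
  let quote: string | null = null;
  for (let i = from; i < src.length; i++) {
    const ch = src.charAt(i);
    if (quote !== null) {
      if (ch === "\\") i++;               // skip the escaped character
      else if (ch === quote) quote = null;
      continue;
    }
    if (ch === "'" || ch === '"' || ch === "`") quote = ch;
    else if (ch === "(" || ch === "[" || ch === "{") depth++;
    else if ((ch === ")" || ch === ",") && depth === 0) return src.slice(from, i).trim();
    else if (ch === ")" || ch === "]" || ch === "}") depth--;
  }
  return src.slice(from).trim();
}

// A command expression is constant only when it is a plain string literal or a
// template literal without interpolation; everything else is treated as dynamic.
function isDynamic(expr: string): boolean {
  if (/^(['"])(?:\\.|(?!\1).)*\1$/.test(expr)) return false;
  if (/^`[^`]*`$/.test(expr)) return expr.includes("${");
  return true;
}

// Follows `const x = ...` definitions so cp.exec(cmd) is judged by how cmd was
// built: the intra-file slice of the data-flow tracing described above.
function resolve(expr: string, defs: Map<string, string>, seen = new Set<string>()): string {
  const def = defs.get(expr);
  if (def !== undefined && /^[A-Za-z_$][\w$]*$/.test(expr) && !seen.has(expr)) {
    seen.add(expr);
    return resolve(def, defs, seen);
  }
  return expr;
}

function scan(source: string): Finding[] {
  const lines = source.split("\n");
  const defs = new Map<string, string>();
  for (const line of lines) {
    const m = /^\s*(?:const|let|var)\s+([A-Za-z_$][\w$]*)\s*=\s*(.+?);?\s*$/.exec(line);
    if (m) defs.set(m[1], m[2]);
  }
  const findings: Finding[] = [];
  lines.forEach((line, idx) => {
    for (const sink of SINKS) {
      // Match `exec(`, `cp.exec(` or `child_process.exec(`, but not re.exec(.
      const call = new RegExp(`(?:^|[^\\w.])(?:(?:cp|child_process)\\.)?${sink}\\s*\\(`).exec(line);
      if (call === null) continue;
      const arg = resolve(firstArgument(line, call.index + call[0].length), defs);
      const arrayForm = sink !== "exec" && sink !== "execSync";
      if (isDynamic(arg)) {
        findings.push({ line: idx + 1, sink, reason: `command built from a non-constant expression: ${arg}` });
      } else if (arrayForm && /shell\s*:\s*true/.test(line)) {
        // spawn/execFile with { shell: true } re-joins the argument array into a
        // shell command line, which reintroduces the injection.
        findings.push({ line: idx + 1, sink, reason: "shell: true turns the argument array into a shell command" });
      }
    }
  });
  return findings;
}

// Constructed sample source for the heuristic to scan (not real project code).
const SAMPLE = `
import * as cp from "child_process";
export function listDir(userInput: string) {
  const cmd = "ls " + userInput;
  cp.exec(cmd);
}
export function listFixed() {
  const fixed = "ls -la";
  cp.execSync(fixed);
}
export function grep(req: { query: string }) {
  cp.execSync(\`grep -r \${req.query} /srv\`);
}
export function listSafe(userInput: string) {
  cp.execFile("ls", [userInput]);
}
export function listShell(userInput: string) {
  cp.spawn("ls", [userInput], { shell: true });
}
`;

for (const f of scan(SAMPLE)) console.log(`line ${f.line}: ${f.sink}() - ${f.reason}`);
```

On the sample, lines 5, 12 and 18 are reported (concatenation reached through cmd, an interpolated template literal, and spawn with shell: true), while the constant execSync(fixed) call and the plain execFile('ls', [userInput]) call are not.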
Vulnerable code example
import * as cp from 'child_process';
function executeCommand(userInput: string) {
  // Vulnerable: unsanitized user input is concatenated into a string that
  // exec() hands to a shell, so metacharacters such as ';', '|' or '$()'
  // inside userInput run as additional commands
  const cmd = 'ls ' + userInput;
  cp.exec(cmd);
}
✅ Secure code example
import * as cp from 'child_process';
function executeCommand(userInput: string) {
  // Safe: execFile runs 'ls' directly, without a shell, and passes userInput
  // as a single argv entry, so shell metacharacters are never interpreted.
  // Caveat: this does not stop argument injection (a value such as '-la' is
  // still parsed by ls as an option), and passing { shell: true } would
  // reintroduce the command injection.
  cp.execFile('ls', [userInput], (error, stdout, stderr) => {
    if (error) {
      console.error('Error:', error);
      return;
    }
    console.log(stdout);
  });
}
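The two patterns above, exercised with the same attacker-controlled value so the difference is visible, plus the argument check that execFile alone does not provide. This is an added example and not code from the page; it uses the synchronous variants so the outputs can be compared directly (the security property is the same for the asynchronous forms), runs echo instead of ls so the result is deterministic, and the PAYLOAD and the allowlist character set in assertSafeArgument are assumptions made for the example.

```typescript
// Added example, not code from the page: the same input through exec() and
// execFile(), and an allowlist check against argument injection.
import { execSync, execFileSync } from "node:child_process";

// Constructed attacker input: a normal-looking value that carries a second command.
const PAYLOAD = "hello; echo INJECTED";

// Vulnerable pattern: the concatenated string goes to /bin/sh -c, so ';' ends
// `echo hello` and `echo INJECTED` runs as a separate command.
function runViaExec(userInput: string): string {
  return execSync("echo " + userInput, { encoding: "utf8" });
}

// Hardened pattern: no shell is started; the whole value is one argv entry of
// the echo binary and is printed verbatim, metacharacters included.
function runViaExecFile(userInput: string): string {
  return execFileSync("echo", [userInput], { encoding: "utf8" });
}

// Caveat: execFile blocks shell injection, not argument injection. A value such
// as "-n" or "--help" is still parsed by the target program as an option, so the
// argument's shape is allowlisted and a leading '-' is rejected. The character
// set here is an assumption for this example; derive yours from what the
// argument legitimately needs to contain.
function assertSafeArgument(value: string): string {
  if (value.startsWith("-") || !/^[A-Za-z0-9._\/-]+$/.test(value)) {
    throw new Error(`rejected argument: ${JSON.stringify(value)}`);
  }
  return value;
}

function runValidated(userInput: string): string {
  return execFileSync("echo", [assertSafeArgument(userInput)], { encoding: "utf8" });
}

console.log("exec:     ", JSON.stringify(runViaExec(PAYLOAD)));     // "hello\nINJECTED\n"
console.log("execFile: ", JSON.stringify(runViaExecFile(PAYLOAD))); // "hello; echo INJECTED\n"
try {
  runValidated(PAYLOAD);
} catch (e) {
  console.log("validated:", (e as Error).message);
}
```

The exec() call prints two lines because the shell split the string into two commands; the execFile() call prints the payload as a single literal argument; the validated path refuses the payload outright and also refuses option-like values such as "-n", which execFile() on its own would pass through to the program.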