Dear Feh Security Team,
Howdy! We are Computer Science students from Texas A&M University, and for a class project, we were tasked to find a non-web vulnerability in a project available in GitHub.
We are reporting a Command Injection vulnerability discovered in the Feh's system functionality.
Our goal is to help secure the project and complete an academic assignment. We have a full technical report including reproduction scripts and a suggested code fix ready for your review.
Please let us know if you would like us to send the full details over this thread or via a preferred secure platform.
Best regards,
Paavan Bagla
Archit Goyal
Michael Hurtado
Venkat Nallam
Jaden Wang
Dear Feh Security Team,
Howdy! We are Computer Science students from Texas A&M University, and for a class project, we were tasked to find a non-web vulnerability in a project available in GitHub.
We are reporting a Command Injection vulnerability discovered in the Feh's system functionality.
Our goal is to help secure the project and complete an academic assignment. We have a full technical report including reproduction scripts and a suggested code fix ready for your review.
Please let us know if you would like us to send the full details over this thread or via a preferred secure platform.
Best regards,
Paavan Bagla
Archit Goyal
Michael Hurtado
Venkat Nallam
Jaden Wang