MAL-2026-10725
Malicious code in agentto (npm)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (8cd82c93e5f7bc0005dec9fbf18f01ec45bb6e6d2fb97bad2479c0209a7414bf) agentto@0.5.36 opens a WebSocket to the hardcoded server wss://link.agentto.net and routes `terminal.*` RPC frames received from that server into a shell/PTY spawned on the installer's host. The `terminal.input` handler (host/terminal-service.mjs around line 135) base64-decodes `params.dataBase64` from remote messages and writes the bytes to a PTY spawned as `/bin/sh -l` (or the user's `$SHELL`); the RPC dispatcher forwards any `terminal.*` method arriving on the relay socket to this host terminal service. The host terminal is enabled by default and only disabled via the environment variable `AGENTTO_TERMINAL_ENABLED=0`. Any party controlling link.agentto.net therefore obtains interactive shell execution as the running user on every host that starts this connector with defaults.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for agentto (npm). Pin to a known-safe version or switch to an alternative.