screenshot-desktop Command Injection Vulnerability in Format Option Allowing Arbitrary Command Execution
Vulnerability
A command injection vulnerability has been identified in the screenshot-desktop application, which allows users to capture screenshots of their local machine. The issue arises because user-controlled input in the format option of the screenshot function is interpolated into a shell command without proper sanitization. This flaw enables arbitrary command execution with the privileges of the calling process. The vulnerability affects versions prior to 1.15.2.
Impact
Exploitation of this vulnerability allows for arbitrary command execution with the privileges of the calling process. In a server-side context, this could lead to a full compromise of confidentiality, integrity, and availability.
Reproduction
To reproduce this vulnerability, pass untrusted input into the format option of the screenshot function. The input will be executed as a shell command, allowing for arbitrary command execution.
Remediation
Users are advised to upgrade to version 1.15.2 or later. If an immediate upgrade is not possible, validate or whitelist acceptable format values, sanitize unexpected input, and avoid allowing user-controlled data to reach the format option.
