Command Injection Vulnerability in BrowserStack Local by Node.js
CVE-2025-57283
7.8HIGH
What is CVE-2025-57283?
The browserstack-local package version 1.5.8 has a command injection vulnerability due to improper sanitation of the logfile variable in its lib/Local.js file. This flaw can be exploited by attackers to execute arbitrary commands on affected systems, potentially leading to unauthorized access and control. It is essential for users of browserstack-local to review their implementation and apply necessary security measures to mitigate this risk.
