CVE-2019-25158 | pedroetb tts-api up to 2.1.4 app.js onSpeechDone os command injection

CVE-2019-25158 | pedroetb tts-api up to 2.1.4 app.js onSpeechDone os command injection

A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. This vulnerability was named CVE-2019-25158. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.