Severity: Critical
CVSS Score: 9.8
network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.