### [CVE-2016-7099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7099)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Aaron40/covenant-university-website
- https://github.com/Clean-home-ltd/proffesional-clean-home-ltd
- https://github.com/FerreWagner/Node
- https://github.com/Fraunhofer0126/book_management_system
- https://github.com/GabrielNumaX/TP-final-con-modal
- https://github.com/GabrielNumaX/TP-final-lab-IV
- https://github.com/JanDAXC/Discord-Bot
- https://github.com/KIMBIBLE/coverity_node_master
- https://github.com/MO2k4/node-js-6
- https://github.com/Nishokmn/Node
- https://github.com/PLSysSec/lockdown-node
- https://github.com/Rohit89Kr/node-master
- https://github.com/TimothyGu/node-no-icu
- https://github.com/TommyTeaVee/nodejs
- https://github.com/acldm/nodejs_booksmanager
- https://github.com/adv-ai-tech/npmreadme
- https://github.com/agenih/Nodejs
- https://github.com/alibaba/AliOS-nodejs
- https://github.com/an-hoang-persional/Demo-Node-Js
- https://github.com/ayojs/ayo
- https://github.com/codedrone/node
- https://github.com/corso75/nodejs
- https://github.com/devmohgoud/Wimo
- https://github.com/devmohgoud/WimoTask
- https://github.com/dwrobel/node-shared
- https://github.com/erwilson98/project4
- https://github.com/evilpixi/nuevoproy
- https://github.com/evilpixi/redsocial
- https://github.com/freedeveloper000/node
- https://github.com/iamgami/nodemysql
- https://github.com/iamir0/fivem-node
- https://github.com/imdebop/node891portable
- https://github.com/imfahim/MovieCollabs
- https://github.com/jebuslperez/md
- https://github.com/jkirkpatrick260/node
- https://github.com/joelwembo/NodeBackendUtils
- https://github.com/joelwembo/angular6restaurantdemoproject
- https://github.com/kavitharajasekaran1/node-sample-code-employee
- https://github.com/konge10/TCA-ModMail
- https://github.com/kp96/nodejs-patched
- https://github.com/luk12345678/laravel-angular-authentication7
- https://github.com/madwax/node-archive-support
- https://github.com/mkmdivy/africapolisOld
- https://github.com/modejs/mode
- https://github.com/nuubes-test/Nuubes
- https://github.com/pearlsoflutra5/group
- https://github.com/petamaj/node-tracer
- https://github.com/petamaj/nodetracer
- https://github.com/pradhyu-singh/node
- https://github.com/r0flc0pt4/node
- https://github.com/ravichate/applications
- https://github.com/reactorlabs/phase3_ii
- https://github.com/senortighto/Nodejs
- https://github.com/stanislavZaturinsky/node.js-parser
- https://github.com/sunojapps/node
- https://github.com/synergyfr/tth_nodejs
- https://github.com/tuzhu008/canvas_cn
- https://github.com/tuzhu008/gitbook-Node_cn
- https://github.com/wonjiky/africa
- https://github.com/xeaola/nodeJS-source
- https://github.com/yeerkkiller1/nodejs