Command Injection Vulnerability in systeminformation - systeminformation

Description

command injection vulnerability

Recommendation

Update the systeminformation package to the latest compatible version. Followings are version details:

• Affected version(s): < 4.31.1
• Patched version(s): 4.31.1

References

• GHSA-m57p-p67h-mq74
• www.npmjs.com
• CVE-2020-26274
• CWE-78
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• systeminformation command injection vulnerability - CVE-2020-7752
• OS Command Injection in systeminformation - CVE-2020-7778
• Command Injection in systeminformation - CVE-2020-26300
• Command Injection Vulnerability in systeminformation - CVE-2021-21388

You might also like:

How do hackers hack websites?

These 7 PHP mistakes leave your website open to the hackers

Exploiting Server Version Disclosure

Tags:

npm

systeminformation