Lucene search
CVE-2021-21315
The Node.JS System Information Library (npm package “systeminformation”) before version 5.3.1 allows command injection via several service parameters. Upgrade to version 5.3.1 to fix the problem, or sanitize service parameters to only allow strings and reject arrays. String sanitation is effective
Show more
| Reporter | Title | Published | Views | Family All 23 |
|---|---|---|---|---|
 | CVE-2021-21315 Command Injection Vulnerability | 16 Feb 202117:00 | – | vulnrichment |
 | OS Command Injection | 17 Feb 202103:15 | – | veracode |
 | System Information Library for Node.JS Command Injection | 18 Jan 202200:00 | – | cisa_kev |
 | CVE-2021-21315 Command Injection Vulnerability | 16 Feb 202117:00 | – | cvelist |
 | NodeJS System Information Library Command Injection (CVE-2021-21315) | 10 Aug 202200:00 | – | nessus |
 | Exploit for OS Command Injection in Systeminformation | 10 Nov 202106:40 | – | githubexploit |
| Exploit for OS Command Injection in Systeminformation | 1 Mar 202118:52 | – | githubexploit |
| Exploit for OS Command Injection in Systeminformation | 4 Mar 202111:47 | – | githubexploit |
| Exploit for OS Command Injection in Systeminformation | 18 Jul 202101:18 | – | githubexploit |
 | Command Injection Vulnerability | 16 Feb 202116:51 | – | github |
10
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo16 Feb 2021 00:00Current
7.5High risk
Vulners AI Score7.5
CVSS24.6
CVSS37.1 - 7.8
EPSS0.93835