logo
DATABASE RESOURCES PRICING ABOUT US

Command Injection Vulnerability

Description

### Impact command injection vulnerability ### Patches Problem was fixed with a parameter check. Please upgrade to version >= 5.3.1 ### Workarounds If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.


Affected Software


CPE Name Name Version
systeminformation 5.3.1

Related