Lucene search

CVE-2021-27185

🗓️ 10 Feb 2021 22:13:15Reported by [email protected]Type

The samba-client package for Node.js is vulnerable to command injection due to the use of process.exec

Reporter	Title	Published	Views	Family All 9
OSV	Command injection in samba-client	11 Feb 202120:47	–	osv
OSV	CVE-2021-27185	10 Feb 202122:15	–	osv
Node.js	Command Injection	24 Feb 202103:09	–	nodejs
Github Security Blog	Command injection in samba-client	11 Feb 202120:47	–	github
Cvelist	CVE-2021-27185	10 Feb 202121:04	–	cvelist
CVE	CVE-2021-27185	10 Feb 202122:15	–	cve
Veracode	Remote Code Execution (RCE)	11 Feb 202105:23	–	veracode
Veracode	OS Command Injection	15 Feb 202104:14	–	veracode
Prion	Command injection	10 Feb 202122:15	–	prion

Nvd

Node

samba-client_project samba-clientRange<4.0.0node.js

Source	Link
npmjs	www.npmjs.com/package/samba-client
github	www.github.com/eflexsystems/node-samba-client/releases/tag/4.0.0
github	www.github.com/eflexsystems/node-samba-client/commit/5bc3bbad9b8d02243bc861a11ec73f788fbb1235
advisory	www.advisory.checkmarx.net/advisory/CX-2021-4302
security	www.security.netapp.com/advisory/ntap-20210319-0002/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Feb 2021 22:15Current

CVSS27.5

CVSS39.8

EPSS0.0035

CWE-77