Lucene search
Veracode Vulnerability DatabaseVERACODE:32041HistorySep 10, 2021 - 3:17 a.m.
Command Injection
2021-09-1003:17:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.005 Low
EPSS
Percentile
77.3%
systeminformation vulnerable to Command Injection. The si.services function does not properly validate the input strings, allowing a malicious user to inject and execute malicious commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| systeminformation | le | 4.26.1 | |
| systeminformation | le | 4.26.1 |
References
github.com/advisories/GHSA-fj59-f6c3-3vw4
github.com/sebhildebrandt/systeminformation/commit/bad372e654cdd549e7d786acbba0035ded54c607
github.com/sebhildebrandt/systeminformation/commit/f89a2ec63fe4dba889612a086ea243a2e7d57f58
github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-fj59-f6c3-3vw4
securitylab.github.com/advisories/GHSL-2020-112-systeminformation/
www.npmjs.com/package/systeminformation
Related
osv
osv
Command Injection in systeminformation
2020-10-27 20:40:00
CVE-2020-26300
2021-09-09 01:15:06
prion
prion
Command injection
2021-09-09 01:15:00
cvelist
cvelist
CVE-2020-26300 Command injection in systeminformation
2021-09-09 01:10:11
github
github
Command Injection in systeminformation
2020-10-27 20:40:00
cve
cve
CVE-2020-26300
2021-09-09 01:15:06
nvd
nvd
CVE-2020-26300
2021-09-09 01:15:06