CVE-2021-21315 - System Information Library for Node.JS Command Injection
Project:Npm package
Product:System Information Library for Node.JS
Date Added:2022-01-18Due Date:2022-02-01
Vulnerability Name
System Information Library for Node.JS Command Injection
Description
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21315