This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2020-10-26T17:12:38.827301Z

Updated: 2024-09-17T01:56:58.841Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7752

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-10-26T17:15:12.987

Modified: 2024-11-21T05:37:44.200

Link: CVE-2020-7752

cve-icon Redhat

No data.