systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only).
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-09-21T17:11:54.756Z
Updated: 2023-09-21T17:11:54.756Z
Reserved: 2023-09-14T16:13:33.307Z
Link: CVE-2023-42810
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-21T18:15:12.327
Modified: 2023-09-23T03:38:14.547
Link: CVE-2023-42810
JSON object: View
Redhat Information
No data.
CWE