CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Systeminformation: >> Systeminformation >> 5.17.2 Security Vulnerabilities

CVE-2023-42810

systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only).

CVSS Score

9.8

EPSS Score

0.021

Published

2023-09-21

Page 1

Vulnerabilities

Vulnerable Software

Systeminformation: >> Systeminformation >> 5.17.2 Security Vulnerabilities

Products

Pricing

Contact Us