This affects the package systeminformation prior to 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
systeminformation systeminformation |