CVE-2019-10804

Summary

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation.

Affected Software

VendorProductVersion RangeStatus
n/aserial-numberAll versions including 1.3.0affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References