CVE-2020-7752

Summary

This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.

Affected Software

VendorProductVersion RangeStatus
n/asysteminformationunspecified < 4.27.11affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References