← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-21315 — Actively Exploited: System Information Library for Node.JS (Npm package)

In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.

CVE IDCVE-2021-21315
VendorNpm package
ProductSystem Information Library for Node.JS
Vulnerability nameSystem Information Library for Node.JS Command Injection
Date added2022-01-18
Remediation due2022-02-01
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionIn this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →