CVE-2021-21315
System Information Library for Node.JS Command Injection
CVSS
—
No CVSS
EPSS
90.2%
p100
KEV
YES
Jan 18, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
90.2%EPSS · 30 days90.2%
2026-06-302026-07-16
Product
Npm package / System Information Library for Node.JS
Vulnerability
System Information Library for Node.JS Command Injection
Added to KEV
Jan 18, 2022
Remediate by
Feb 1, 2022
Known ransomware use
No
Summary description
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21315
No related CVEs by CWE or product.