FlagThis

CyberSecurity updates
2025-01-30 20:32:55 Pacfic
gbhackers.com
Node.js Vulnerability Exposes Systems To RCE Attacks - 6d
Read more: gbhackers.com

A critical command injection vulnerability, identified as CVE-2024-56334, has been discovered in the widely-used Node.js ‘systeminformation’ package, potentially exposing millions of systems to remote code execution (RCE) attacks and privilege escalation. The vulnerability lies within the `getWindowsIEEE8021x` function, which retrieves network SSID information. This function fails to sanitize the SSID properly before passing it as a parameter to `cmd.exe`. Attackers can embed malicious commands within the SSID of a Wi-Fi network that would then be executed on a vulnerable system when this function is called, demonstrating how an improperly sanitized SSID can be used to inject system commands.

The flaw affects versions of ‘systeminformation’ up to and including 5.23.6. A proof of concept demonstrated that by connecting to a malicious Wi-Fi hotspot, attackers can execute arbitrary operating system commands on vulnerable machines, including initiating an indefinite ping loop or executing a malicious file. The maintainers of the package have released version 5.23.7, which addresses the vulnerability with sanitization. All users are strongly urged to update to the latest version immediately to mitigate the risk of RCE or privilege escalation attacks.

Original img attribution: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiCvWSkTfgNJ9bChIkmBs-rh5dfFBhllgRsvoj6oZ3eG-BcDd8wwzFRMVxLXkMqWvhf1I888HZSVR7m3wgcA6qeAYH2BgI6lkeBfVCXjZD2UzjwanDQqPtRwpd__QbW-ihSFiboaAhPOBkneC48zYflVdRfGNG6ps3b9uJRXVhUWc_FtgcTYCS_DvBpWBv/s1600/vulnerability-1.webp
ImgSrc: blogger.googleusercontent.com
References:

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can provide me feedback using this form or using Bluesky.