OS Command Injection in es128 ssl-utils 1.0.0 for Node.js

OS Command Injection in es128 ssl-utils 1.0.0 for Node.js

CVE-2021-34080 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows attackers to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the createCert() functions.

Learn more about our Web Application Penetration Testing UK.