{"id":"CVE-2020-7778","details":"This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.","aliases":["GHSA-8j36-q8x7-pm6q"],"modified":"2026-07-08T19:45:06.691522Z","published":"2020-11-26T11:15:10.787Z","related":["SNYK-JS-SYSTEMINFORMATION-1043753"],"references":[{"type":"ADVISORY","url":"https://snyk.io/vuln/SNYK-JS-SYSTEMINFORMATION-1043753"},{"type":"FIX","url":"https://github.com/sebhildebrandt/systeminformation/commit/11103a447ab9550c25f1fbec7e6d903720b3fea8%23diff-970ae648187190f86bafc8f193b7538200eba164fad0674428b6487582c089cc"},{"type":"FIX","url":"https://github.com/sebhildebrandt/systeminformation/commit/73dce8d717ca9c3b7b0d0688254b8213b957f0fa%23diff-970ae648187190f86bafc8f193b7538200eba164fad0674428b6487582c089cc"},{"type":"EVIDENCE","url":"https://gist.github.com/EffectRenan/b434438938eed0b21b376cedf5c81e80"},{"type":"EVIDENCE","url":"https://github.com/sebhildebrandt/systeminformation/blob/master/lib/internet.js"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sebhildebrandt/systeminformation","events":[{"introduced":"0"},{"fixed":"f828d6ed3d9a28ccde4e9cf2fcf93204a8c77c40"}],"database_specific":{"cpe":"cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:node.js:*:*","extracted_events":[{"introduced":"0"},{"fixed":"4.30.2"}],"source":"CPE_RANGE"}}],"versions":["v4.30.1","v4.30.0","v4.29.3","v4.29.2","v4.29.1","v4.29.0","v4.28.1","v4.28.0","v4.27.11","v4.27.10","v4.27.9","v4.27.8","v4.27.7","v4.27.6","v4.27.5","v4.27.4","v4.27.3","v4.27.2","v4.27.1","v4.27.0","v4.26.12","v4.26.11","v4.26.10","v4.26.9","v4.26.8","v4.26.7","v4.26.6","v4.26.5","v4.26.4","v4.26.3","v4.26.2","v4.25.2","v4.24.1","v4.24.0","v4.23.10","v4.23.9","v4.23.8","v4.23.7","v4.23.6","v4.23.5","v4.23.4","v4.23.3","v4.23.2","v4.23.1","v4.23.0","v4.22.7","v4.22.6","v4.21.0","v4.20.1","v4.20.0","v4.19.4","v4.19.3","v4.19.2","v4.19.1","v4.19.0","v4.18.3","v4.18.2","v4.18.1","v4.18.0","v4.17.3","v4.17.2","v4.17.1","v4.17.0","v4.16.1","v4.16.0","v4.15.1","v4.15.0","v4.14.15","v4.14.14","v4.14.11","v4.14.10","v4.14.9","v4.14.7","v4.14.6","v4.14.5","v4.14.3","v4.14.0","v4.13.2","v4.13.1","v4.12.2","v4.12.1","v4.11.6","v4.11.5","v4.9.0","v4.8.4","v4.7.3","v4.7.2","v4.7.1","v4.7.0","v4.6.1","v4.3.0","v4.2.1","v4.2.0","v4.1.8","v4.1.7","v4.1.6","v4.1.5","v4.0.15","v4.0.14","v4.0.13","v4.0.12","v4.0.9","v4.0.7","v4.0.6","v3.52.1","v3.52.0","v3.51.2","v3.51.1","v3.48.4","v3.48.3","v3.48.2","v3.45.9","v3.45.8","v3.42.8","v3.42.7","v3.42.6","v3.42.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7778.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}