diff --git a/docs/history.html b/docs/history.html index dd36140..cc2ee28 100644 --- a/docs/history.html +++ b/docs/history.html @@ -57,6 +57,11 @@ + + 5.21.7 + 2023-09-19 + wifiConnections() wifiNetworks()fixed security issue (linux) + 5.21.6 2023-09-18 diff --git a/docs/index.html b/docs/index.html index b36c005..02507ff 100644 --- a/docs/index.html +++ b/docs/index.html @@ -166,11 +166,11 @@
- Security advisory:
Update to v5.6.13 + Security advisory:
Update to v5.21.7
systeminformation
 
-
New Version: 5.21.6
+
New Version: 5.21.7
diff --git a/docs/security.html b/docs/security.html index f83404b..20168ea 100644 --- a/docs/security.html +++ b/docs/security.html @@ -49,6 +49,24 @@

This can lead to serious impact on your servers!

We highly recommend to always upgrade to the latest version of our package. We maintain security updates for version 5 AND also version 4. For version 4 you can install latest version by placing "systeminformation": "^4" in your package.json (dependencies) and run npm install

+

SSID Command Injection Vulnerability

+

Affected versions: + < 5.21.07 and < 4.34.22
+ Date: 2023-09-19
+ CVE indentifier - +

+ +

Impact

+

We had an issue that there was a possibility to perform a potential command injection possibility by crafting detected SSIDs in wifiConnections(), wifiNetworks().

+ +

Patch

+

Problem was fixed with parameter checking. Please upgrade to version >= 5.7.21 (or >= 4.34.22 if you are using version 4).

+ +

Workaround

+

If you cannot upgrade, be sure to check or sanitize parameter strings that are passed to wifiConnections(), wifiNetworks() (string only)

+
+
+

Command Injection Vulnerability

Affected versions: < 5.6.13 and < 4.34.21
@@ -255,4 +273,4 @@ - \ No newline at end of file + diff --git a/lib/wifi.js b/lib/wifi.js index ea6a4f5..40626d4 100644 --- a/lib/wifi.js +++ b/lib/wifi.js @@ -549,7 +549,15 @@ function wifiConnections(callback) { const wpaDetails = wpaConnectionLinux(ifaceSanitized); const ssid = nmiDetails.ssid || wpaDetails.ssid; const network = networkList.filter(nw => nw.ssid === ssid); - const nmiConnection = nmiConnectionLinux(ssid); + let ssidSanitized = ''; + const t = util.isPrototypePolluted() ? '---' : util.sanitizeShellString(ssid, true); + for (let i = 0; i <= util.mathMin(t.length, 2000); i++) { + if (t[i] !== undefined) { + ssidSanitized = ssidSanitized + t[i]; + } + } + + const nmiConnection = nmiConnectionLinux(ssidSanitized); const channel = network && network.length && network[0].channel ? network[0].channel : (wpaDetails.channel ? wpaDetails.channel : null); const bssid = network && network.length && network[0].bssid ? network[0].bssid : (wpaDetails.bssid ? wpaDetails.bssid : null); if (ssid && bssid) {