What is CVE-2022-21191?

CVE-2022-21191 presents a high-severity command injection vulnerability in the global-modules-path package prior to version 3.0.0. Organizations using this package should prioritize remediation to prevent potential exploitation.

What is the severity of CVE-2022-21191?

CVE-2022-21191 has a severity rating of HIGH with a CVSS base score of 7.4.

CVE-2022-21191 | High Vulnerability in global-modules-path

CVE-2022-21191 is a high-severity vulnerability affecting versions of the global-modules-path package prior to 3.0.0. This vulnerability allows for command injection due to inadequate input sanitization in the getPath function. The potential impact is severe, as attackers could execute arbitrary commands on the affected systems. Organizations utilizing this package need to act swiftly to mitigate the risks associated with this vulnerability.

The vulnerability received a CVSS base score of 7.4, indicating a high severity level. It is crucial for organizations to understand the implications of this vulnerability, especially in production environments where the global-modules-path package is in use. The attack vector is classified as local, requiring physical or logical access to the vulnerable systems, but the consequences of successful exploitation could lead to significant data breaches or service disruptions.

Currently, there are no known exploits publicly available for this vulnerability, which can be seen as a temporary advantage for organizations. However, this should not lead to complacency; the potential for exploitation remains, particularly as awareness of the vulnerability spreads. Therefore, organizations should prioritize patching immediately.

The urgency for defenders cannot be overstated. Organizations must address this vulnerability within their priority patch cycle, given the potential risks associated with its exploitation.

Vulnerability Details

The official description of CVE-2022-21191 states that versions of the global-modules-path package prior to 3.0.0 are vulnerable to command injection due to missing input sanitization. This vulnerability falls under the Common Weakness Enumeration (CWE) categories CWE-78 (OS Command Injection) and CWE-77 (Command Injection).

The CVSS score for this vulnerability is 9.8 based on the NVD's assessment, which categorizes it as critical, indicating a significant risk to confidentiality, integrity, and availability. The affected product is the global-modules-path package, and the vendor associated with this vulnerability is global-modules-path_project.

This vulnerability was published on January 13, 2023, and has since been modified to reflect ongoing assessments. Organizations should ensure that they are using the patched version 3.0.0 or later.

Technical Analysis

The root cause of CVE-2022-21191 is the lack of input sanitization in the getPath function of the global-modules-path package. Attackers may leverage this flaw to execute arbitrary commands in the context of the application. The attack vector is local, necessitating that the attacker has access to the system where the vulnerable package is installed.

The attack complexity is rated as high, meaning that successful exploitation requires a specific set of conditions to be met, which could include knowledge of the system and its configurations. There are no privileges required for exploitation, which adds to the severity of the risk.

User interaction is not needed, which means attackers can exploit the vulnerability without any action from legitimate users. The confidentiality, integrity, and availability impacts are all rated as high, indicating that successful exploitation can lead to severe consequences for the affected systems.

Risk & Impact Analysis

Organizations utilizing the global-modules-path package are at significant risk due to the potential for command injection. The blast radius can be extensive, especially in environments where this package is integrated into critical applications or systems. The urgency for organizations to address this vulnerability is underscored by its high CVSS score.

Given that this vulnerability can lead to unauthorized command execution, organizations should assess their exposure and implement necessary controls to mitigate this risk. This may include revising access controls, employing network segmentation, and monitoring for unusual activities that could indicate exploitation attempts.

Organizations should schedule remediation as part of their incident response and vulnerability management processes. The potential for exploitation remains, and proactive measures should be taken to protect systems and data.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of the global-modules-path package include all versions prior to 3.0.0. Organizations must upgrade to version 3.0.0 or later to mitigate the impact of this vulnerability.

Mitigation & Remediation

Organizations are advised to patch their installations of the global-modules-path package to version 3.0.0 or later. This version addresses the command injection vulnerability by implementing necessary input sanitization measures. For organizations unable to immediately apply the patch, consider implementing temporary workarounds, such as restricting access to systems using the vulnerable package and closely monitoring for any suspicious activities.

In addition to patching, organizations should consider enrolling in continuous penetration testing to identify similar weaknesses in their applications.

Detection Guidance

Organizations should monitor their systems for any anomalies that could indicate an exploitation attempt of this vulnerability. Log indicators to watch include unusual command execution patterns and unauthorized access attempts to the global-modules-path package.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2022-21191 lies in the prevalence of command injection vulnerabilities in software components, which continue to pose serious risks. Security teams should use this incident as a learning opportunity to enhance their development practices and prioritize secure coding standards.

As the landscape of vulnerabilities evolves, organizations must remain vigilant. This incident highlights the importance of adopting a comprehensive vulnerability management program to proactively identify and remediate potential threats.

Security teams should also consider implementing penetration testing methodologies to further assess their applications and infrastructure against evolving threats.

Ultimately, the key takeaway is that proactive security measures can significantly reduce the risk associated with vulnerabilities like CVE-2022-21191.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-21191: High Vulnerability in global-modules-path_project