CVE-2021-34083

Name of the Vulnerable Software and Affected Versions google-it versions up to 1.6.2

Description The issue arises when using the 'Open in browser' option, where google-it unsafely concatenates the result's link retrieved from Google to a shell command. This potentially exposes the server to remote code execution (RCE).

Recommendations For versions up to 1.6.2, update to a version higher than 1.6.2 to resolve the issue. As a temporary workaround, consider disabling the 'Open in browser' option until a patch is available. Restrict access to the shell command functionality to minimize the risk of exploitation.