OS Command Injection
The macaddress module is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
Advisories for Npm/Macaddress package
2018
The macaddress module is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.