Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-2857

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-22 Aug, 2017 | 15:00
Updated At-06 Aug, 2024 | 05:24
Rejected At-
Credits

Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:22 Aug, 2017 | 15:00
Updated At:06 Aug, 2024 | 05:24
Rejected At:
▼CVE Numbering Authority (CNA)

Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
x_refsource_MISC
http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
x_refsource_MISC
https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
x_refsource_MISC
https://www.exploit-db.com/exploits/37597/
exploit
x_refsource_EXPLOIT-DB
Hyperlink: http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
Resource:
x_refsource_MISC
Hyperlink: http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
Resource:
x_refsource_MISC
Hyperlink: https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
Resource:
x_refsource_MISC
Hyperlink: https://www.exploit-db.com/exploits/37597/
Resource:
exploit
x_refsource_EXPLOIT-DB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
x_refsource_MISC
x_transferred
http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
x_refsource_MISC
x_transferred
https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
x_refsource_MISC
x_transferred
https://www.exploit-db.com/exploits/37597/
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/37597/
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:22 Aug, 2017 | 15:29
Updated At:13 May, 2026 | 00:24

Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

Accellion (Kiteworks USA, LLC)
accellion
>>file_transfer_appliance>>Versions up to 9_11_200(inclusive)
cpe:2.3:a:accellion:file_transfer_appliance:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-77Primarynvd@nist.gov
CWE ID: CWE-77
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.htmlcret@cert.org
Third Party Advisory
VDB Entry
http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauthcret@cert.org
Exploit
Third Party Advisory
https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857cret@cert.org
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/37597/cret@cert.org
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauthaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/37597/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
Source: cret@cert.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
Source: cret@cert.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/37597/
Source: cret@cert.org
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/37597/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

1183Records found

CVE-2024-21488
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-7.3||HIGH
EPSS-3.23% / 86.76%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 05:00
Updated-04 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization. If (attacker-controlled) user input is given to the mac_address_for function of the package, it is possible for the attacker to execute arbitrary commands on the operating system that this package is being run on.

Action-Not Available
Vendor-forkhqn/a
Product-networknetworkorg.webjars.npm:network
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5020
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-2.23% / 80.65%
||
7 Day CHG~0.00%
Published-29 Mar, 2026 | 00:30
Updated-01 Apr, 2026 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched remotely. The exploit is now public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-a3600ra3600r_firmwareA3600R
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-9408
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.87%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 00:00
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit is now public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-5183
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-5.13% / 91.37%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 05:45
Updated-30 Apr, 2026 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-713RE addRouting sub_421494 command injection

A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The affected element is the function sub_421494 of the file /goform/addRouting. Executing a manipulation of the argument dest can lead to command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-713retew-713re_firmwareTEW-713RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5012
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-1.38% / 68.82%
||
7 Day CHG~0.00%
Published-28 Mar, 2026 | 19:15
Updated-24 Apr, 2026 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
elecV2 elecV2P rpc pm2run os command injection

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-elecV2
Product-elecV2P
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15357
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.80% / 88.71%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 21:02
Updated-09 Jan, 2026 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7400g\+_firmwaredi-7400g\+DI-7400G+
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-20951
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.03% / 89.35%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 15:32
Updated-04 Aug, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files.

Action-Not Available
Vendor-pluck-cmsn/a
Product-pluckn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5030
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-2.28% / 81.03%
||
7 Day CHG~0.00%
Published-29 Mar, 2026 | 03:30
Updated-30 Mar, 2026 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-nr1800xnr1800x_firmwareNR1800X
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-43891
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 00:00
Updated-20 Sep, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload.

Action-Not Available
Vendor-n/aNetis Systems Co., Ltd.
Product-n3mn3m_firmwaren/an3m_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5176
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-1.93% / 77.58%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 01:15
Updated-06 Apr, 2026 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A3300R cstecgi.cgi setSyslogCfg command injection

A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-a3300r_firmwarea3300rA3300R
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-19001
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.32% / 90.00%
||
7 Day CHG~0.00%
Published-27 Aug, 2021 | 18:16
Updated-04 Aug, 2024 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'.

Action-Not Available
Vendor-simiki_projectn/a
Product-simikin/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-17500
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.94% / 89.13%
||
7 Day CHG~0.00%
Published-07 Jan, 2021 | 20:51
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result in unauthenticated remote code execution in the username and password fields of the logon prompt. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.

Action-Not Available
Vendor-barcon/a
Product-transform_ntransform_ndn-211_litetransform_ndn-210_litetransform_ndn-210_protransform_ndn-211_pron/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-7061
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-1.35% / 68.20%
||
7 Day CHG~0.00%
Published-26 Apr, 2026 | 22:00
Updated-27 Apr, 2026 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Toowiredd chatgpt-mcp-server MCP/HTTP docker.service.ts os command injection

A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-Toowiredd
Product-chatgpt-mcp-server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-14705
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-14.61% / 96.23%
||
7 Day CHG~0.00%
Published-15 Dec, 2025 | 05:02
Updated-09 Jan, 2026 | 02:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shiguangwu sgwbox N3 SHARESERVER Feature command injection

A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-sgwboxShiguangwu
Product-n3n3_firmwaresgwbox N3
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-18758
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.68% / 83.97%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 16:08
Updated-04 Aug, 2024 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute arbitrary code.

Action-Not Available
Vendor-dccen/a
Product-mac1100_plc_firmwaremac1100_plcn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-18048
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.78% / 75.58%
||
7 Day CHG~0.00%
Published-02 Sep, 2021 | 17:46
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field.

Action-Not Available
Vendor-bertanddipn/a
Product-craigmsn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1781
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-14.69% / 96.26%
||
7 Day CHG~0.00%
Published-23 Feb, 2024 | 00:00
Updated-22 Apr, 2025 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. The identifier VDB-254573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-x6000r_firmwarex6000rX6000R AX3000x6000rax3000
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-7155
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.77% / 75.37%
||
7 Day CHG~0.00%
Published-27 Apr, 2026 | 20:15
Updated-28 Apr, 2026 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU CGI cstecgi.cgi setLoginPasswordCfg os command injection

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12987
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-98.12% / 99.91%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 16:00
Updated-30 Oct, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-05||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupload os command injection

A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-DrayTek Corp.
Product-vigor300bvigor300b_firmwarevigor2960_firmwarevigor2960Vigor300BVigor2960Vigor Routers
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4585
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-3.31% / 87.08%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 11:15
Updated-24 Apr, 2026 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tiandy
Product-Easy7 Integrated Management Platform
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-39618
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.39% / 69.02%
||
7 Day CHG~0.00%
Published-21 Aug, 2023 | 00:00
Updated-07 Oct, 2024 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface.

Action-Not Available
Vendor-n/aTOTOLINK
Product-x5000r_firmwarex5000rn/ax5000r
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-4499
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-3.20% / 86.58%
||
7 Day CHG~0.00%
Published-20 Mar, 2026 | 19:32
Updated-03 Apr, 2026 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-820LW SSDP ssdpcgi_main os command injection

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-820lw_firmwaredir-820lwDIR-820LW
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4497
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-1.91% / 77.24%
||
7 Day CHG~0.00%
Published-20 Mar, 2026 | 19:02
Updated-03 Apr, 2026 | 11:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink WA300 cstecgi.cgi recvUpgradeNewFw os command injection

A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-TOTOLINK
Product-wa300_firmwarewa300WA300
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-39638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.02% / 85.83%
||
7 Day CHG~0.00%
Published-14 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 13:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-859_a1dir-859_a1_firmwaren/adir-859_a1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-15048
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-11.34% / 95.45%
||
7 Day CHG~0.00%
Published-23 Dec, 2025 | 22:32
Updated-24 Feb, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda WH450 HTTP Request CheckTools command injection

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-wh450wh450_firmwareWH450
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-11861
Matching Score-4
Assigner-Mandiant Inc.
ShareView Details
Matching Score-4
Assigner-Mandiant Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.39% / 68.95%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 13:51
Updated-12 May, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection in EnerSys AMPA 22.09 and prior versions

EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access.

Action-Not Available
Vendor-EnerSys
Product-AMPA
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-38690
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.78% / 51.37%
||
7 Day CHG~0.00%
Published-04 Aug, 2023 | 16:31
Updated-08 Oct, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
matrix-appservice-irc IRC command injection via admin commands containing newlines

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist.

Action-Not Available
Vendor-The Matrix.org Foundation
Product-matrix_irc_bridgematrix-appservice-ircmatrix-appservice-irc
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2020-14472
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.93% / 85.40%
||
7 Day CHG~0.00%
Published-24 Jun, 2020 | 16:51
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor300b_firmwarevigor3900vigor300bvigor2960_firmwarevigor3900_firmwarevigor2960n/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-14505
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-7.02% / 93.39%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 01:59
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection”) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that creates a command string without any validation. The attacker may then remotely execute code.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-iviewAdvantech iView
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2023-38034
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-8.3||HIGH
EPSS-1.02% / 59.23%
||
7 Day CHG~0.00%
Published-10 Aug, 2023 | 18:58
Updated-04 Dec, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update UniFi Switches to Version 6.5.59 or later.

Action-Not Available
Vendor-Ubiquiti Inc.
Product-usw-pro-24usw-pro-24-poeus-48-500wusw-flex-xgusw-enterprisexg-24ubb-xgusw-flexu6-lrunifi_switch_firmwareus-16-150wusw-lite-16-poeus-xg-6poeu6-extenderus-8-150wusw-48-poeuap-ac-prou6\+usw-enterprise-24-poeusw-industrialusw-48usw-pro-48-poeusw-24us-8-60wusw-enterprise-8-poeu6-prouap-ac-liteu6-iwuwb-xguap-ac-musw-aggregationusw-lite-8-poeu6-enterpriseusw-24-poeuap-ac-iwu6-liteunifi_uap_firmwareusw-mission-criticalusw-pro-48u6-meshuap-ac-m-prousw-16-poeusw-pro-aggregationus-24-250wubbuap-ac-lru6-enterprise-iwusw-enterprise-48-poeUniFi Access PointsUniFi Switches
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-13917
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.08% / 79.27%
||
7 Day CHG~0.00%
Published-28 Jul, 2020 | 14:46
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

Action-Not Available
Vendor-ruckuswirelessn/a
Product-h320r610t310cr720t301ne510r320t610t310dr310r500c110m510h510t301st710sr750r510r600t300t710t310nr710unleashed_firmwaret310sn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-14100
Matching Score-4
Assigner-Xiaomi Technology Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Xiaomi Technology Co., Ltd.
CVSS Score-9.8||CRITICAL
EPSS-5.18% / 91.45%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 13:42
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.

Action-Not Available
Vendor-n/aXiaomi
Product-r3600r3600_firmwareXiaomi router R3600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-12356
Matching Score-4
Assigner-BeyondTrust Inc.
ShareView Details
Matching Score-4
Assigner-BeyondTrust Inc.
CVSS Score-9.8||CRITICAL
EPSS-87.99% / 99.75%
||
7 Day CHG~0.00%
Published-17 Dec, 2024 | 04:29
Updated-24 Oct, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-12-27||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

Action-Not Available
Vendor-BeyondTrust Corporation
Product-privileged_remote_accessremote_supportRemote SupportPrivileged Remote AccessPrivileged Remote Access (PRA) and Remote Support (RS)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-13117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-68.79% / 99.26%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 18:53
Updated-19 Aug, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wavlink WN575A4, WN579X3, and WN530G3A devices through 2020-05-15 allow unauthenticated remote users to inject commands via the key parameter in a login request.

Action-Not Available
Vendor-n/aWAVLINK Technology Ltd.
Product-wn575a4_firmwarewn575a4wn579x3wn579x3_firmwaren/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-13919
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.55% / 83.13%
||
7 Day CHG~0.00%
Published-28 Jul, 2020 | 14:46
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.

Action-Not Available
Vendor-ruckuswirelessn/a
Product-h320r610t310cr720t301ne510r320t610t310dr310r500c110m510h510t301st710sr750r510r600t300t710t310nr710unleashed_firmwaret310sn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-12442
Matching Score-4
Assigner-Mandiant Inc.
ShareView Details
Matching Score-4
Assigner-Mandiant Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.08% / 60.99%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 13:55
Updated-13 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection in EnerSys AMPA versions 24.04 through 24.16, inclusive

EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access.

Action-Not Available
Vendor-EnerSys
Product-AMPA
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-14119
Matching Score-4
Assigner-Xiaomi Technology Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Xiaomi Technology Co., Ltd.
CVSS Score-9.8||CRITICAL
EPSS-2.96% / 85.54%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 12:03
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12

Action-Not Available
Vendor-n/aXiaomi
Product-ax3600Xiaomi Router AX3600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-11698
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-73.67% / 99.41%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 16:28
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.

Action-Not Available
Vendor-titanhqn/a
Product-spamtitann/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-11789
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.3||HIGH
EPSS-2.67% / 83.93%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 17:06
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6900_firmwarer7900_firmwarer6700r6400r6400_firmwarer6700_firmwarer7900r6900n/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-34849
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.84% / 84.95%
||
7 Day CHG+0.29%
Published-29 Jun, 2023 | 00:00
Updated-26 Nov, 2024 | 21:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1.

Action-Not Available
Vendor-ikuai8n/a
Product-ikuaiosn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-11320
Matching Score-4
Assigner-Pandora FMS
ShareView Details
Matching Score-4
Assigner-Pandora FMS
CVSS Score-6.9||MEDIUM
EPSS-91.23% / 99.80%
||
7 Day CHG+0.72%
Published-21 Nov, 2024 | 10:03
Updated-26 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection leading to RCE via LDAP Misconfiguration

Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. This issue affects Pandora FMS: from 700 through <=777.4

Action-Not Available
Vendor-Pandora FMS S.L.U.
Product-pandora_fmsPandora FMS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-34111
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-4.05% / 89.40%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 16:29
Updated-07 Jan, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of `${{ github.event.pull_request.title }}` in a bash command within the GitHub workflow. Attackers can inject malicious commands which will be executed by the workflow. This happens because `${{ github.event.pull_request.title }}` is directly passed to bash command on like 25 of the workflow. This may allow an attacker to gain access to secrets which the github action has access to or to otherwise make use of the compute resources.

Action-Not Available
Vendor-tdenginetaosdata
Product-grafanagrafanaplugin
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-41265
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.2||CRITICAL
EPSS-0.46% / 36.95%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 19:58
Updated-24 Apr, 2026 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the Airtable Agent node may convince an LLM to respond with a malicious python script that executes attacker controlled commands on the flowise server. This vulnerability is fixed in 3.1.0.

Action-Not Available
Vendor-flowiseaiFlowiseAI
Product-flowiseFlowise
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-4228
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-5.17% / 91.43%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 08:02
Updated-20 Mar, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LB-LINK BL-WR9000 set_wifi sub_458754 command injection

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-lb-linkLB-LINK
Product-bl-wr9000_firmwarebl-wr9000BL-WR9000
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-12782
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.89% / 77.00%
||
7 Day CHG~0.00%
Published-23 Jun, 2020 | 06:05
Updated-17 Sep, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openfind MailGates - Command Injection

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.

Action-Not Available
Vendor-openfindOpenfind
Product-mailgatesmailauditMailAuditMailGates
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-41501
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.30% / 67.01%
||
7 Day CHG~0.00%
Published-08 May, 2026 | 02:51
Updated-08 May, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
electerm has Command Injection Vulnerability via runLinux function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux() function appends attacker-controlled remote version strings directly into an exec("rm -rf ...") command without validation. This issue has been patched in version 3.3.8.

Action-Not Available
Vendor-electerm_projectelecterm
Product-electermelecterm
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-10697
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-25.50% / 97.70%
||
7 Day CHG~0.00%
Published-02 Nov, 2024 | 12:00
Updated-05 Apr, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 API Endpoint WriteFacMac formWriteFacMac command injection

A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareAC6ac6_firmware
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-11046
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.25% / 89.85%
||
7 Day CHG~0.00%
Published-10 Nov, 2024 | 03:00
Updated-13 Nov, 2024 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp os command injection

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-8003_firmwaredi-8003DI-8003
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-42257
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.43% / 34.51%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 19:39
Updated-18 May, 2026 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
net-imap: Command Injection via "raw" arguments to multiple commands

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.

Action-Not Available
Vendor-Ruby
Product-net\net-imap
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
CVE-2026-4163
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-2.10% / 79.48%
||
7 Day CHG~0.00%
Published-14 Mar, 2026 | 22:32
Updated-22 Apr, 2026 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading the affected component is recommended.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-WL-WN579A3
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 23
  • 24
  • Next
Details not found