Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-16195

Summary
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At-09 Jan, 2019 | 22:00
Updated At-05 Aug, 2024 | 10:17
Rejected At-
Credits

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jpcert
Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At:09 Jan, 2019 | 22:00
Updated At:05 Aug, 2024 | 10:17
Rejected At:
▼CVE Numbering Authority (CNA)

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.

Affected Products
Vendor
NEC CorporationNEC Corporation
Product
Aterm WF1200CR and Aterm WG1200CR
Versions
Affected
  • (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier)
Problem Types
TypeCWE IDDescription
textN/AOS Command Injection
Type: text
CWE ID: N/A
Description: OS Command Injection
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://jvn.jp/en/jp/JVN87535892/index.html
third-party-advisory
x_refsource_JVN
https://jpn.nec.com/security-info/secinfo/nv18-021.html
x_refsource_MISC
Hyperlink: https://jvn.jp/en/jp/JVN87535892/index.html
Resource:
third-party-advisory
x_refsource_JVN
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv18-021.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://jvn.jp/en/jp/JVN87535892/index.html
third-party-advisory
x_refsource_JVN
x_transferred
https://jpn.nec.com/security-info/secinfo/nv18-021.html
x_refsource_MISC
x_transferred
Hyperlink: https://jvn.jp/en/jp/JVN87535892/index.html
Resource:
third-party-advisory
x_refsource_JVN
x_transferred
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv18-021.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vultures@jpcert.or.jp
Published At:09 Jan, 2019 | 23:29
Updated At:17 Jan, 2019 | 19:43

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.08.3HIGH
AV:A/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 8.3
Base severity: HIGH
Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
NEC Corporation
nec
>>aterm_wf1200cr_firmware>>Versions up to 1.1.1(inclusive)
cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wf1200cr>>-
cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wg1200cr_firmware>>Versions up to 1.0.1(inclusive)
cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*
NEC Corporation
nec
>>aterm_wg1200cr>>-
cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jpn.nec.com/security-info/secinfo/nv18-021.htmlvultures@jpcert.or.jp
Vendor Advisory
https://jvn.jp/en/jp/JVN87535892/index.htmlvultures@jpcert.or.jp
Third Party Advisory
Hyperlink: https://jpn.nec.com/security-info/secinfo/nv18-021.html
Source: vultures@jpcert.or.jp
Resource:
Vendor Advisory
Hyperlink: https://jvn.jp/en/jp/JVN87535892/index.html
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

131Records found
CVE-2020-5524
Matching Score-10
Assigner-JPCERT/CC
ShareView Details
Matching Score-10
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.04%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200caterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wf1200c_firmwareaterm_wg2600hsAterm series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-28015
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.36%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:56
Updated-14 Jan, 2025 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet.

Action-Not Available
Vendor-NEC Corporation
Product-WR6600HWM3500RW300PWR8300NWR1200HWR6670SWG600HPWF1200HP2WM3400RNWM3800RWR9300NWR8166NWG1800HP4WG2200HPWR8165NWG1200HS3WR6650SWM3450RNWG1200HSWF300HP2WG1200HP3WG1900HP2WF800HPWR8400NWR9500NWR8100NWF1200HPWR8160NWR7800HWR8500NWG1810HP(JE)WG1810HP(MF)WR4500NWR8200NWR8170NWG1800HP2CR2500PWR8600NWG1800HPWG1200HPWF300HPWM3600RWG1900HPWR8150NWG1200HS2WR4100NWG1400HPWR8370NWR8750NWR8175NWR7870SWG1800HP3WG1200HP2WR7850SMR01LNWG300HPMR02LNWR8700NW1200EX(-MS)aterm_wg1800hp4_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-1999-0043
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.59% / 80.91%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

Action-Not Available
Vendor-bsdin/absdiThe MITRE Corporation (Caldera)Netscape (Yahoo Inc.)NEC CorporationInternet Systems Consortium, Inc.Red Hat, Inc.
Product-bsd_osgoah_intrasvnews_serverlinuxinnopenlinuxgoah_networksvn/absd_oslinuxopenlinuxgoah_intrasvgoah_networksvnews_serverinn
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20711
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 69.84%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-40895
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.4||MEDIUM
EPSS-0.41% / 60.29%
||
7 Day CHG~0.00%
Published-30 Jul, 2024 | 08:37
Updated-02 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.

Action-Not Available
Vendor-Sky Co., Ltd.FFRI Security, Inc.skygroupffriNEC Corporation
Product-FFRI AMCFFRI AMC for ActSecure χEDR Plus Packffri_amcedr_plus_pack_cloudedr_plus_pack
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3741
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 66.88%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 00:55
Updated-02 Dec, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-itk-12dg-1p\(bk\)telitk-6dgs-1\(bk\)telitk-8tcgx-1\(bk\)tel_firmwareitk-6dgs-1p\(bk\)tel_firmwareitk-32lcg-1p\(bk\)tel_firmwareitk-32lcg-1p\(bk\)telitk-6dgs-1a\(bk\)telitk-32tcgs-1\(bk\)tel_firmwareitk-8lcx-1p\(bk\)tel_firmwareitk-32lcgs-1a\(bk\)telitk-12dg-1p\(bk\)tel_firmwareitk-6d-1p\(bk\)tel_firmwareitk-8lcx-1\(bk\)tel_firmwareitk-8tcgx-1p\(bk\)telitk-6dg-1p\(bk\)tel_firmwareitk-8tcgx-1p\(bk\)tel_firmwareitk-32tcg-1p\(bk\)telitk-6d-1\(bk\)tel_firmwareitk-32tcgs-1p\(bk\)telitk-32tcg-1p\(bk\)tel_firmwareitk-32lcgs-1p\(bk\)telitk-32tcgs-1a\(bk\)tel_firmwareitk-6dg-1p\(bk\)telitk-8lcg-1p\(bk\)telitk-8tcgx-1\(bk\)telitk-6d-1\(bk\)telitk-32tcgs-1a\(bk\)telitk-32lcgs-1a\(bk\)tel_firmwareitk-6d-1p\(bk\)telitk-12d-1p\(bk\)tel_firmwareitk-32lcgs-1\(bk\)tel_firmwareitk-8lcx-1p\(bk\)telitk-32lcgs-1p\(bk\)tel_firmwareitk-12d-1\(bk\)tel_firmwareitk-12d-1\(bk\)telitk-6dgs-1\(bk\)tel_firmwareitk-8lcg-1p\(bk\)tel_firmwareitk-6dgs-1a\(bk\)tel_firmwareitk-32tcgs-1\(bk\)telitk-6dgs-1p\(bk\)telitk-32tcgs-1p\(bk\)tel_firmwareitk-32lcgs-1\(bk\)telitk-8lcx-1\(bk\)telitk-12d-1p\(bk\)telITK-6DGS-1P(BK) TELITK-32LCGS-1P(BK) TELITK-6DG-1P(BK)TELITK-32LCGS-1(BK) TELITK-8TCGX-1(BK)TELITK-6DGS-1A(BK) TELITK-8LCG-1P(BK)TELITK-8LCX-1(BK)TELITK-8TCGX-1P(BK)TELITK-32TCG-1P(BK)TELITK-32TCGS-1A(BK) TELITK-12D-1P(BK)TELITK-6D-1(BK)TELITK-32TCGS-1(BK) TELITK-6D-1P(BK)TELITK-6DGS-1(BK) TELITK-32LCGS-1A(BK) TELITK-12D-1(BK)TELITK-32LCG-1P(BK)TELITK-12DG-1P(BK)TELITK-8LCX-1P(BK)TELITK-32TCGS-1P(BK) TEL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5635
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.72%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 02:25
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_sa3500gaterm_sa3500g_firmwareAterm SA3500G
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5534
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5525
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200craterm_wf1200c_firmwareaterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wf1200caterm_wg2600hsAterm series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 02:25
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_sa3500gaterm_sa3500g_firmwareAterm SA3500G
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5685
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 68.91%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 09:40
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-univerge_sv8500univerge_sv9500_firmwareuniverge_sv8500_firmwareuniverge_sv9500UNIVERGE SV9500/SV8500 series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16194
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wf1200cr_firmwareAterm WF1200CR and Aterm WG1200CR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0625
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0639
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0638
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0630
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0627
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0628
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0631
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-25621
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.96% / 75.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-univerge_wa2020univerge_wa2611-ap_firmwareuniverge_wa2610-ap_firmwareuniverge_wa1511_firmwareuniverge_wa2611-apuniverge_wa1510_firmwareuniverge_wa1020univerge_wa2612-apuniverge_wa2612-ap_firmwareuniverge_wa2020_firmwareuniverge_wa1510univerge_wa2610-apuniverge_wa1512_firmwareuniverge_wa1512univerge_wa1511univerge_wa2021univerge_wa1020_firmwareuniverge_wa2021_firmwareuniverge_wa2611e-apuniverge_wa2611e-ap_firmwareUNIVERGE DT
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20708
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.69% / 70.84%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wg2600hsaterm_wf1200cr_firmwareNEC Aterm devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0629
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0637
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0635
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0634
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3333
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.48%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 01:33
Updated-04 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wr8175naterm_wr8370n_firmwareaterm_wr8750n_firmwareaterm_wr8370naterm_wf300hpaterm_wr8170naterm_wg600hp_firmwareaterm_wg300hp_firmwareaterm_wg1800hpaterm_wg1800hp2aterm_wg300hpaterm_wg1800hp2_firmwareaterm_wr8600n_firmwareaterm_wf300hp_firmwareaterm_wg1400hp_firmwareaterm_wr9500n_firmwareaterm_wg2200hpaterm_wr9500naterm_wg2200hp_firmwareaterm_wr9300naterm_wg1800hp_firmwareaterm_wg2600hpaterm_wg2600hp2_firmwareaterm_wg600hpaterm_wr8600naterm_wr8170n_firmwareaterm_wr8700n_firmwareaterm_wg2600hp_firmwareaterm_wr9300n_firmwareaterm_wg1400hpaterm_wr8700naterm_wg2600hp2aterm_wr8175n_firmwareaterm_wr8750nAterm WR8170NAterm WG2600HPAterm WR8700NAterm WR9500NAterm WR8175NAterm WG2600HP2Aterm WR9300NAterm WG1800HP2Aterm WG1800HPAterm WR8370NAterm WG2200HPAterm WF300HPAterm WG300HPAterm WG1400HPAterm WR8750NAterm WR8600NAterm WG600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0356
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.20%
||
7 Day CHG+0.01%
Published-15 Jan, 2025 | 07:24
Updated-03 Apr, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.

Action-Not Available
Vendor-NEC Corporation
Product-WX1500HPWX3600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20740
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-2.37% / 84.32%
||
7 Day CHG~0.00%
Published-28 Jun, 2021 | 00:50
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) allow remote authenticated attackers to execute arbitrary OS commands with root privileges via unspecified vectors.

Action-Not Available
Vendor-Hitachi, Ltd.NEC Corporation
Product-virtual_file_platformnas_gateway_nh4c_firmwarenas_gateway_nh4a_firmwarenas_gateway_nh4cnas_gateway_nh8b_firmwarenas_gateway_nh8c_firmwarenas_gateway_nh8a_firmwarenas_gateway_nh4anas_gateway_nh4b_firmwarenas_gateway_nh4bnas_gateway_nh8bnas_gateway_nh8anas_gateway_nh8cHitachi Virtual File Platform and NEC Storage M Series NAS Gateway which uses Hitachi Virtual File Platform
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0626
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.38%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5295
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-4.49% / 88.67%
||
7 Day CHG~0.00%
Published-23 May, 2024 | 21:29
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21294.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-6014
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-1.59% / 80.90%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 15:16
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface.

Action-Not Available
Vendor-D-Link Corporation
Product-dba-1510p_firmwaredba-1510pDBA-1510P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2013-1616
Matching Score-4
Assigner-Symantec - A Division of Broadcom
ShareView Details
Matching Score-4
Assigner-Symantec - A Division of Broadcom
CVSS Score-8.3||HIGH
EPSS-19.28% / 95.14%
||
7 Day CHG~0.00%
Published-31 Jul, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.

Action-Not Available
Vendor-n/aSymantec Corporation
Product-web_gateway_appliance_8490web_gateway_appliance_8450web_gatewayn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-4029
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-0.60% / 68.58%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 14:25
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg6816nbg6816_firmwarenbg6817_firmwarenbg6817ARMOR Z2 (NBG6817) firmwareARMOR Z1 (NBG6816) firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-5693
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.89% / 74.58%
||
7 Day CHG~0.00%
Published-03 Jan, 2020 | 19:30
Updated-06 Aug, 2024 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) guessPassword.pl in frameworkgui/; the filename parameter to (3) CSAttack.pl or (4) SEAttack.pl in frameworkgui/; the phNo2Attack parameter to (5) CSAttack.pl or (6) SEAttack.pl in frameworkgui/; the (7) platformDD2 parameter to frameworkgui/SEAttack.pl; the (8) agentURLPath or (9) agentControlKey parameter to frameworkgui/attach2agents.pl; or the (10) controlKey parameter to frameworkgui/attachMobileModem.pl. NOTE: The hostingPath parameter to CSAttack.pl and SEAttack.pl vectors and the appURLPath parameter to attachMobileModem.pl vector are covered by CVE-2012-5878.

Action-Not Available
Vendor-bulbsecurityn/a
Product-smartphone_pentest_frameworkn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41194
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.47% / 80.08%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-12 Mar, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18814.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1325_firmwaredap-1325DAP-1325dap-1325
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-3210
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.36% / 57.36%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP port 4044 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15905.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-3985
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.79%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 22:39
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.

Action-Not Available
Vendor-amazonn/a
Product-blink_xt2_sync_module_firmwareblink_xt2_sync_moduleAmazon's Blink XT2 Sync Module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-26726
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.8||HIGH
EPSS-1.08% / 76.93%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 15:15
Updated-17 Sep, 2024 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote code execution in Valmet DNA before Collection 2021

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

Action-Not Available
Vendor-valmetValmet DNA
Product-dnaValmet DNA
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CWE ID-CWE-272
Least Privilege Violation
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2011-0378
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.3||HIGH
EPSS-1.87% / 82.35%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_system_1100telepresence_system_softwaretelepresence_system_1300_seriestelepresence_system_3000telepresence_system_1000telepresence_system_3200_seriestelepresence_system_500_seriesn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-3986
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.63%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 22:39
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.

Action-Not Available
Vendor-amazonn/a
Product-blink_xt2_sync_module_firmwareblink_xt2_sync_moduleAmazon's Blink XT2 Sync Module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-3987
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.79%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 22:39
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.

Action-Not Available
Vendor-amazonn/a
Product-blink_xt2_sync_module_firmwareblink_xt2_sync_moduleAmazon's Blink XT2 Sync Module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-3988
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.79%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 22:39
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.

Action-Not Available
Vendor-amazonn/a
Product-blink_xt2_sync_module_firmwareblink_xt2_sync_moduleAmazon's Blink XT2 Sync Module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-3883
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.73%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 00:48
Updated-13 Aug, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability

eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of GET parameters provided to the index.php endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-23115.

Action-Not Available
Vendor-hardy-bartheCharge Hardy Barth
Product-cph2_echarge_firmwarecph2_echargecPH2
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20143
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-7.77% / 91.58%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 15:19
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.

Action-Not Available
Vendor-gryphonconnectn/a
Product-gryphon_tower_firmwaregryphon_towerGryphon Tower router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20144
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-7.77% / 91.58%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 15:19
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.

Action-Not Available
Vendor-gryphonconnectn/a
Product-gryphon_tower_firmwaregryphon_towerGryphon Tower router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41199
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.47% / 80.08%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-12 Mar, 2025 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18819.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1325_firmwaredap-1325DAP-1325dap-1325_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41192
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.47% / 80.08%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-12 Mar, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18812.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1325_firmwaredap-1325DAP-1325dap-1325_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41193
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.47% / 80.08%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-12 Mar, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18813.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1325_firmwaredap-1325DAP-1325dap-1325_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41197
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.47% / 80.08%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-12 Mar, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDefaultGateway Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDefaultGateway Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18817.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1325_firmwaredap-1325DAP-1325dap-1325_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found