Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-10880

Summary
Assigner-airbus
Assigner Org ID-24a3c815-5f22-4d74-967a-30958d6466f4
Published At-12 Apr, 2019 | 17:37
Updated At-04 Aug, 2024 | 22:32
Rejected At-
Credits

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:airbus
Assigner Org ID:24a3c815-5f22-4d74-967a-30958d6466f4
Published At:12 Apr, 2019 | 17:37
Updated At:04 Aug, 2024 | 22:32
Rejected At:
▼CVE Numbering Authority (CNA)

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

Affected Products
Vendor
Xerox CorporationXEROX
Product
AltaLink B8045/B8055/B8065/B8075/B8090
Versions

unknown

  • From unspecified through 101.008.008.27400 (custom)
Vendor
Xerox CorporationXEROX
Product
AltaLink C8030/C8035/C8045/C8055/C8070
Versions

unknown

  • From unspecified through 101.001.008.27400 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 3655
Versions

unknown

  • From unspecified through 073.060.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 5845/5855/5865/5875/5890
Versions

unknown

  • From unspecified through 073.190.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 5945/5955
Versions

unknown

  • From unspecified through 073.091.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 6655
Versions

unknown

  • From unspecified through 073.110.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 7220/7225
Versions

unknown

  • From unspecified through 073.030.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 7830/7835/7845/7855
Versions

unknown

  • From unspecified through 073.010.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 7970
Versions

unknown

  • From unspecified through 073.200.075.34540 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre EC7836/EC7856
Versions

unknown

  • From unspecified through 073.020.167.17200 (custom)
Vendor
Xerox CorporationXEROX
Product
ColorQube 9301/9302/9303
Versions
Affected
  • From unspecified before 072.xxx.009.07200 (custom)
Vendor
Xerox CorporationXEROX
Product
ColorQube 8700/8900
Versions
Affected
  • From unspecified before 072.xxx.009.07200 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 6400
Versions

unknown

  • From unspecified through 061.070.100.24201 (custom)
Vendor
Xerox CorporationXEROX
Product
Phaser 6700
Versions

unknown

  • From unspecified through 081.140.103.22600 (custom)
Vendor
Xerox CorporationXEROX
Product
Phaser 7800
Versions

unknown

  • From unspecified through 081.150.103.05600 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 5735/5740/5745/5755/5765/5775/5790
Versions

unknown

  • From unspecified through 061.132.221.21403 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 7525/7530/7535/7545/7556
Versions

unknown

  • From unspecified through 061.121.224.18803 (custom)
Vendor
Xerox CorporationXEROX
Product
WorkCentre 7755/7765/7775
Versions

unknown

  • From unspecified through 061.090.220.19700 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 OS Command Injection
Type: CWE
CWE ID: CWE-78
Description: CWE-78 OS Command Injection
Metrics
VersionBase scoreBase severityVector
3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

A fix for some models is available.

Configurations

Workarounds

There are no known workarounds for now available.

Exploits

Credits

Raphaël Rigo from the Airbus Security Lab
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://airbus-seclab.github.io/
x_refsource_MISC
https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf
x_refsource_CONFIRM
Hyperlink: https://airbus-seclab.github.io/
Resource:
x_refsource_MISC
Hyperlink: https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://airbus-seclab.github.io/
x_refsource_MISC
x_transferred
https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf
x_refsource_CONFIRM
x_transferred
Hyperlink: https://airbus-seclab.github.io/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cert@airbus.com
Published At:12 Apr, 2019 | 18:29
Updated At:09 Oct, 2019 | 23:45

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Xerox Corporation
xerox
>>colorqube_8700>>-
cpe:2.3:h:xerox:colorqube_8700:-:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_8700_firmware>>Versions before 072.161.009.07200(exclusive)
cpe:2.3:o:xerox:colorqube_8700_firmware:*:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_8900>>-
cpe:2.3:h:xerox:colorqube_8900:-:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_8900_firmware>>Versions before 072.161.009.07200(exclusive)
cpe:2.3:o:xerox:colorqube_8900_firmware:*:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9301>>-
cpe:2.3:h:xerox:colorqube_9301:-:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9301_firmware>>Versions before 072.180.009.07200(exclusive)
cpe:2.3:o:xerox:colorqube_9301_firmware:*:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9302>>-
cpe:2.3:h:xerox:colorqube_9302:-:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9302_firmware>>Versions before 072.180.009.07200(exclusive)
cpe:2.3:o:xerox:colorqube_9302_firmware:*:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9303>>-
cpe:2.3:h:xerox:colorqube_9303:-:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>colorqube_9303_firmware>>Versions before 072.180.009.07200(exclusive)
cpe:2.3:o:xerox:colorqube_9303_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE-78Secondarycert@airbus.com
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-78
Type: Secondary
Source: cert@airbus.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://airbus-seclab.github.io/cert@airbus.com
Not Applicable
https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdfcert@airbus.com
Vendor Advisory
Hyperlink: https://airbus-seclab.github.io/
Source: cert@airbus.com
Resource:
Not Applicable
Hyperlink: https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf
Source: cert@airbus.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

623Records found

CVE-2018-18472
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-20.08% / 95.28%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 15:44
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands,

Action-Not Available
Vendor-n/aWestern Digital Corp.
Product-my_book_live_firmwaremy_book_liven/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2013-1599
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-92.28% / 99.71%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 19:54
Updated-06 Aug, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-2121_firmwaredcs-1130ldcs-3430dcs-5230_firmwaredcs-5230dcs-5605dcs-5230ldcs-1130_firmwaredcs-3410_firmwaredcs-3430_firmwaredcs-3411dcs-5635dcs-6410dcs-7510dcs-1130l_firmwaredcs-2102dcs-7410_firmwaredcs-5605_firmwaredcs-1130dcs-2102_firmwaredcs-7410wcs-1100_firmwarewcs-1100dcs-5230l_firmwaredcs-6410_firmwaredcs-1100_firmwaredcs-3410dcs-2121dcs-1100ldcs-1100dcs-1100l_firmwaredcs-5635_firmwaredcs-3411_firmwaredcs-7510_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-19007
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.49% / 64.64%
||
7 Day CHG~0.00%
Published-14 Dec, 2018 | 20:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.

Action-Not Available
Vendor-geutebrueckn/a
Product-g-cam\/ewpc-2275g-cam\/efd-2251_firmwareg-cam\/efd-2251g-cam\/ewpc-2275_firmwareGeutebrück GmbH E2 Camera Series versions prior to 1.12.0.25
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-2068
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-69.30% / 98.58%
||
7 Day CHG~0.00%
Published-21 Jun, 2022 | 14:45
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The c_rehash script allows command injection

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).

Action-Not Available
Vendor-OpenSSLSiemens AGBroadcom Inc.NetApp, Inc.Debian GNU/LinuxFedora Project
Product-h410saff_8700_firmwarefas_8300_firmwaredebian_linuxh500s_firmwareaff_a400h610ssinec_insbootstrap_osh410c_firmwaresannavh410csantricity_smi-s_provideropensslh700sh500sfas_8700_firmwareaff_8700h610contap_select_deploy_administration_utilityh615c_firmwareaff_a400_firmwarehci_management_nodeaff_8300fas_a400h610c_firmwarehci_compute_nodeh700s_firmwaresmi-s_providerfedorasolidfirefas_8700h410s_firmwaresnapmanagerh615ch300s_firmwarefas_8300element_softwareh610s_firmwarefas_a400_firmwareaff_8300_firmwareh300sontap_antivirus_connectorOpenSSL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17066
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-29.49% / 96.44%
||
7 Day CHG~0.00%
Published-15 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_a2dir-816_a2_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17532
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-53.77% / 97.91%
||
7 Day CHG~0.00%
Published-15 Oct, 2018 | 19:00
Updated-05 Aug, 2024 | 10:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-teltonikan/a
Product-rut955rut955_firmwarerut950rut900rut950_firmwarerut900_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17565
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 65.65%
||
7 Day CHG~0.00%
Published-01 Apr, 2019 | 20:51
Updated-05 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.

Action-Not Available
Vendor-grandstreamn/a
Product-gxp1628gxp1610gxp1620_firmwaregxp1625gxp1615_firmwaregxp1610_firmwaregxp1628_firmwaregxp1630gxp1615gxp1620gxp1630_firmwaregxp1625_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17064
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.54% / 94.20%
||
7 Day CHG~0.00%
Published-15 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_a2dir-816_a2_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-18322
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.36% / 92.46%
||
7 Day CHG-11.63%
Published-15 Oct, 2018 | 07:00
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.

Action-Not Available
Vendor-control-webpaneln/a
Product-webpaneln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17068
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.54% / 94.20%
||
7 Day CHG~0.00%
Published-15 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_a2dir-816_a2_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-21143
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.58%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 17:50
Updated-16 Apr, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Airspan Networks Mimosa OS Command Injection

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands.

Action-Not Available
Vendor-Airspan Networks
Product-a5xa5x_firmwarec5cc5xc6x_firmwarec5c_firmwarec6xmimosa_management_platformc5x_firmwarePTP C-seriesMMPPTMP C-series and A5x
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-23.20% / 95.73%
||
7 Day CHG~0.00%
Published-02 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823gdir-823g_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17317
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.95% / 89.24%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 10:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /www/script/config_iface.php, or the newSSID, hostapd_secure, hostapd_wpa_passphrase, or supplicant_ssid parameter to /www/page_config.php.

Action-Not Available
Vendor-fruitywifi_projectn/a
Product-fruitywifin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-17063
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.54% / 94.20%
||
7 Day CHG~0.00%
Published-15 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_a2dir-816_a2_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-2024
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.8||CRITICAL
EPSS-43.81% / 97.44%
||
7 Day CHG~0.00%
Published-25 Feb, 2023 | 00:00
Updated-11 Mar, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in gogs/gogs

OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.

Action-Not Available
Vendor-gogsgogs
Product-gogsgogs/gogs
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16618
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-16.17% / 94.55%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 17:48
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters followed by the name of an Android activity to start. Activities are started by inserting their name into a string that is executed in a shell command. By inserting metacharacters this can be exploited to run arbitrary commands as root. The requests also match those of the HTTP protocol and can be triggered on any web page rendered on the device by requesting resources stored at an http://127.0.0.1:1668/ URI, as demonstrated by the http://127.0.0.1:1668/dacdb70556479813fab2d92896596eef?';{ping,example.org}' URL.

Action-Not Available
Vendor-vtechn/a
Product-80-183823storio_max_firmware80-18382480-18380480-18380580-18380780-1838xx80-18380380-183822n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-18044
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-83.84% / 99.25%
||
7 Day CHG~0.00%
Published-19 Jan, 2018 | 17:00
Updated-05 Aug, 2024 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate the input of an incoming string before passing it to CreateProcess. As a result, a specially crafted message can inject commands that will be executed on the target operating system. Exploitation of this vulnerability does not require authentication and can lead to SYSTEM level privilege on any system running the cvd daemon. This is a different vulnerability than CVE-2017-3195.

Action-Not Available
Vendor-n/aCommvault Systems, Inc.
Product-commvaultn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16184
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-4.36% / 88.51%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-Ricoh Company, Ltd.
Product-d6500d5500d5520d2200d7500_firmwared5500_firmwared7500d8400_firmwared5510_firmwared5520_firmwared6510d8400d2200_firmwared5510d6510_firmwared6500_firmwareRICOH Interactive Whiteboard
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2011-2148
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.78% / 92.65%
||
7 Day CHG~0.00%
Published-20 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server allows remote attackers to execute arbitrary commands via vectors involving a leading and trailing & (ampersand) character, and (1) an STTTState cookie, (2) the ctl00%24MPH%24txtAdminNewPassword_SettingText parameter, (3) the ctl00%24MPH%24txtSmarterLogDirectory parameter, (4) the ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter, (5) the ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter, or (6) the ctl00_MPH_grdLogLocations_HiddenLSR parameter, related to an "OS command injection" issue.

Action-Not Available
Vendor-smartertoolsn/a
Product-smarterstatsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16461
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.31%
||
7 Day CHG~0.00%
Published-30 Oct, 2018 | 21:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in libnmapp package for versions <0.4.16 allows arbitrary commands to be executed via arguments to the range options.

Action-Not Available
Vendor-libnmap_projectn/a
Product-libnmaplibnmap
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-1440
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.8||CRITICAL
EPSS-11.16% / 93.22%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 17:30
Updated-03 Aug, 2024 | 00:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection vulnerability in git-interface@2.1.1 in yarkeev/git-interface

Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for any operating system command to be spawned by the attacker.

Action-Not Available
Vendor-git-interface_projectyarkeev
Product-git-interfaceyarkeev/git-interface
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16460
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-3.67% / 87.43%
||
7 Day CHG~0.00%
Published-07 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 02:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID.

Action-Not Available
Vendor-umbraengineeringhttps://github.com/UmbraEngineering
Product-psps
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16462
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-10||CRITICAL
EPSS-2.30% / 84.09%
||
7 Day CHG~0.00%
Published-30 Oct, 2018 | 21:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.

Action-Not Available
Vendor-apex-publish-static-files_projectn/a
Product-apex-publish-static-filesapex-publish-static-files
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-1292
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-49.69% / 97.73%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 15:15
Updated-13 Aug, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The c_rehash script allows command injection

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).

Action-Not Available
Vendor-Oracle CorporationFedora ProjectDebian GNU/LinuxOpenSSLSiemens AGNetApp, Inc.
Product-clustered_data_ontapopensslsolidfire_\&_hci_management_nodemysql_workbenchenterprise_manager_ops_centera700s_firmwaresolidfire\,_enterprise_sds_\&_hci_storage_nodeaff_500f_firmwarebrownfield_connectivity_gatewayh300e_firmwarefas_8300_firmwareaff_500ffedoraa250_firmwareh700eh500e_firmwarea250snapcenteraff_a400active_iq_unified_manageraff_8700fabric-attached_storage_a400_firmwaredebian_linuxh300ea700sfas_500f_firmwarefas_8700aff_8300h300s_firmwareaff_a400_firmwarefabric-attached_storage_a400oncommand_insightfas_8300fas_8700_firmwarefas_500fh410s_firmwaresnapmanagerh300sh700e_firmwareaff_8700_firmwareclustered_data_ontap_antivirus_connectorsantricity_smi-s_providerh700saff_8300_firmwareh500eh700s_firmwareoncommand_workflow_automationh410sh500s_firmwaresmi-s_providerh500smysql_serverOpenSSL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-0848
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-10||CRITICAL
EPSS-32.68% / 96.72%
||
7 Day CHG~0.00%
Published-04 Mar, 2022 | 08:25
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in part-db/part-db

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11.

Action-Not Available
Vendor-part-db_projectpart-db
Product-part-dbpart-db/part-db
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16144
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-25.38% / 96.00%
||
7 Day CHG~0.00%
Published-05 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.

Action-Not Available
Vendor-opsviewn/a
Product-opsviewn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-0841
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-3.8||LOW
EPSS-1.51% / 80.48%
||
7 Day CHG-0.32%
Published-03 Mar, 2022 | 15:50
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in ljharb/npm-lockfile

OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.

Action-Not Available
Vendor-npm-lockfile_projectljharb
Product-npm-lockfileljharb/npm-lockfile
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.33% / 91.93%
||
7 Day CHG~0.00%
Published-07 Sep, 2018 | 22:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.

Action-Not Available
Vendor-konen/a
Product-group_controller_firmwaregroup_controllern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-1000116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.32%
||
7 Day CHG~0.00%
Published-04 Oct, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

Action-Not Available
Vendor-mercurialn/aRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_desktopenterprise_linux_server_tusmercurialenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_ausn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-1000219
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.34% / 86.80%
||
7 Day CHG~0.00%
Published-17 Nov, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user

Action-Not Available
Vendor-windows-cpu_projectn/a
Product-windows-cpun/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-1000214
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.22% / 91.25%
||
7 Day CHG~0.00%
Published-27 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GitPHP by xiphux is vulnerable to OS Command Injections

Action-Not Available
Vendor-gitphp_projectn/a
Product-gitphpn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-0365
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.1||CRITICAL
EPSS-2.42% / 84.51%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-16 Apr, 2025 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ricon Mobile, Inc.

The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.

Action-Not Available
Vendor-riconmobileRicon
Product-s9922l_firmwares9922ls9922xls9922xl_firmwareIndustrial Cellular Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14699
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-69.47% / 98.59%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14701
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-50.21% / 97.75%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-63.86% / 98.35%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14558
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-81.99% / 99.16%
||
7 Day CHG~0.00%
Published-30 Oct, 2018 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10ac9_firmwareac7ac9ac10_firmwareac7_firmwaren/aAC7, AC9, and AC10 Routers
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-46422
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.26% / 99.93%
||
7 Day CHG~0.00%
Published-27 Apr, 2022 | 11:04
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.

Action-Not Available
Vendor-telesquaren/a
Product-sdt-cs3b1sdt-cs3b1_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14417
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-71.90% / 98.68%
||
7 Day CHG~0.00%
Published-03 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.

Action-Not Available
Vendor-softnasn/a
Product-cloudn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-46315
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-26.25% / 96.11%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 21:15
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicoius users can use this vulnerability to use "\ " or backticks in the shell metacharacters in the ssid0 or ssid1 parameters to cause arbitrary command execution. Since CVE-2019-17510 vulnerability has not been patched and improved www/hnap1/control/setwizardconfig.php, can also use line breaks and backquotes to bypass.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-846_firmwaredir-846n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-46007
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.41% / 92.48%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 22:12
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.

Action-Not Available
Vendor-n/aTOTOLINK
Product-ar3100rar3100r_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.70%
||
7 Day CHG~0.00%
Published-30 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.

Action-Not Available
Vendor-mystromn/a
Product-wifi_switch_firmwarewifi_switchn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14494
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.96% / 92.26%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 12:56
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardware or firmware

Action-Not Available
Vendor-vivotekn/a
Product-fd8136_firmwarefd8136n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.36%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-46686
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.20% / 42.19%
||
7 Day CHG~0.00%
Published-17 Feb, 2025 | 23:58
Updated-18 Feb, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker.

Action-Not Available
Vendor-Extra Innovation Inc.
Product-acmailer DBacmailer CGI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.26% / 93.25%
||
7 Day CHG~0.00%
Published-15 Jul, 2018 | 03:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

Action-Not Available
Vendor-n/aXiaomi
Product-xiaomi_r3d_firmwarexiaomi_r3dn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-46319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-16.56% / 94.65%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 21:27
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use "\ " or backticks to bypass the shell metacharacters in the ssid0 or ssid1 parameters to execute arbitrary commands.This vulnerability is due to the fact that CVE-2019-17509 is not fully patched and can be bypassed by using line breaks or backticks on its basis.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-846_firmwaredir-846n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-45966
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.81% / 94.03%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 05:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.

Action-Not Available
Vendor-pascomn/a
Product-cloud_phone_systemn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14010
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.26% / 93.25%
||
7 Day CHG~0.00%
Published-15 Jul, 2018 | 03:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

Action-Not Available
Vendor-n/aXiaomi
Product-xiaomi_r3d_firmwarexiaomi_r3pxiaomi_r3cxiaomi_r3c_firmwarexiaomi_r3xiaomi_r3p_firmwarexiaomi_r3dn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.08% / 93.54%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.

Action-Not Available
Vendor-terra-mastern/a
Product-terramaster_operating_systemn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13316
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.36%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 12
  • 13
  • Next
Details not found