Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-5635

Summary
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At-14 Dec, 2020 | 02:25
Updated At-04 Aug, 2024 | 08:39
Rejected At-
Credits

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jpcert
Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At:14 Dec, 2020 | 02:25
Updated At:04 Aug, 2024 | 08:39
Rejected At:
▼CVE Numbering Authority (CNA)

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Affected Products
Vendor
NEC CorporationNEC Corporation
Product
Aterm SA3500G
Versions
Affected
  • firmware versions prior to Ver. 3.5.9
Problem Types
TypeCWE IDDescription
textN/AOS Command Injection
Type: text
CWE ID: N/A
Description: OS Command Injection
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
x_refsource_MISC
https://jvn.jp/en/jp/JVN55917325/index.html
x_refsource_MISC
https://jvn.jp/jp/JVN55917325/index.html
x_refsource_MISC
Hyperlink: https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
Resource:
x_refsource_MISC
Hyperlink: https://jvn.jp/en/jp/JVN55917325/index.html
Resource:
x_refsource_MISC
Hyperlink: https://jvn.jp/jp/JVN55917325/index.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
x_refsource_MISC
x_transferred
https://jvn.jp/en/jp/JVN55917325/index.html
x_refsource_MISC
x_transferred
https://jvn.jp/jp/JVN55917325/index.html
x_refsource_MISC
x_transferred
Hyperlink: https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://jvn.jp/en/jp/JVN55917325/index.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://jvn.jp/jp/JVN55917325/index.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vultures@jpcert.or.jp
Published At:14 Dec, 2020 | 03:15
Updated At:15 Dec, 2020 | 18:01

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.05.8MEDIUM
AV:A/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 5.8
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
NEC Platforms, Ltd.
necplatforms
>>aterm_sa3500g>>-
cpe:2.3:h:necplatforms:aterm_sa3500g:-:*:*:*:*:*:*:*
NEC Platforms, Ltd.
necplatforms
>>aterm_sa3500g_firmware>>Versions before 3.5.9(exclusive)
cpe:2.3:o:necplatforms:aterm_sa3500g_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jvn.jp/en/jp/JVN55917325/index.htmlvultures@jpcert.or.jp
Third Party Advisory
https://jvn.jp/jp/JVN55917325/index.htmlvultures@jpcert.or.jp
Third Party Advisory
https://www.necplatforms.co.jp/product/security_ap/info_20201211.htmlvultures@jpcert.or.jp
Vendor Advisory
Hyperlink: https://jvn.jp/en/jp/JVN55917325/index.html
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
Hyperlink: https://jvn.jp/jp/JVN55917325/index.html
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
Hyperlink: https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
Source: vultures@jpcert.or.jp
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

154Records found
CVE-2020-5524
Matching Score-10
Assigner-JPCERT/CC
ShareView Details
Matching Score-10
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.04%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200caterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wf1200c_firmwareaterm_wg2600hsAterm series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16194
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wf1200cr_firmwareAterm WF1200CR and Aterm WG1200CR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16195
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.32% / 53.99%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wf1200cr_firmwareAterm WF1200CR and Aterm WG1200CR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0628
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0638
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via import.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0639
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0629
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0630
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0625
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0627
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0634
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0635
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20711
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 69.82%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0356
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.19%
||
7 Day CHG+0.01%
Published-15 Jan, 2025 | 07:24
Updated-03 Apr, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.

Action-Not Available
Vendor-NEC Corporation
Product-WX1500HPWX3600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-3333
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.44%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 01:33
Updated-04 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wr8175naterm_wr8370n_firmwareaterm_wr8750n_firmwareaterm_wr8370naterm_wf300hpaterm_wr8170naterm_wg600hp_firmwareaterm_wg300hp_firmwareaterm_wg1800hpaterm_wg1800hp2aterm_wg300hpaterm_wg1800hp2_firmwareaterm_wr8600n_firmwareaterm_wf300hp_firmwareaterm_wg1400hp_firmwareaterm_wr9500n_firmwareaterm_wg2200hpaterm_wr9500naterm_wg2200hp_firmwareaterm_wr9300naterm_wg1800hp_firmwareaterm_wg2600hpaterm_wg2600hp2_firmwareaterm_wg600hpaterm_wr8600naterm_wr8170n_firmwareaterm_wr8700n_firmwareaterm_wg2600hp_firmwareaterm_wr9300n_firmwareaterm_wg1400hpaterm_wr8700naterm_wg2600hp2aterm_wr8175n_firmwareaterm_wr8750nAterm WR8170NAterm WG2600HPAterm WR8700NAterm WR9500NAterm WR8175NAterm WG2600HP2Aterm WR9300NAterm WG1800HP2Aterm WG1800HPAterm WR8370NAterm WG2200HPAterm WF300HPAterm WG300HPAterm WG1400HPAterm WR8750NAterm WR8600NAterm WG600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0637
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 02:25
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.

Action-Not Available
Vendor-NEC Platforms, Ltd.NEC Corporation
Product-aterm_sa3500gaterm_sa3500g_firmwareAterm SA3500G
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5525
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200craterm_wf1200c_firmwareaterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wf1200caterm_wg2600hsAterm series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5534
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-8||HIGH
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 09:15
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg2600hs_firmwareaterm_wg2600hsAterm WG2600HS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0636
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.59% / 68.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_hc100rc_firmwareaterm_hc100rcHC100RC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0631
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_w300p_firmwareaterm_w300pAterm W300P
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20708
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.69% / 70.83%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 00:20
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wf1200craterm_wg1200craterm_wg1200cr_firmwareaterm_wg2600hs_firmwareaterm_wg2600hsaterm_wf1200cr_firmwareNEC Aterm devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-40895
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-6.4||MEDIUM
EPSS-0.41% / 60.28%
||
7 Day CHG~0.00%
Published-30 Jul, 2024 | 08:37
Updated-02 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.

Action-Not Available
Vendor-Sky Co., Ltd.FFRI Security, Inc.skygroupffriNEC Corporation
Product-FFRI AMCFFRI AMC for ActSecure χEDR Plus Packffri_amcedr_plus_pack_cloudedr_plus_pack
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5685
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 68.89%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 09:40
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.

Action-Not Available
Vendor-NEC Corporation
Product-univerge_sv8500univerge_sv9500_firmwareuniverge_sv8500_firmwareuniverge_sv9500UNIVERGE SV9500/SV8500 series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-28015
Matching Score-6
Assigner-NEC Corporation
ShareView Details
Matching Score-6
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.36%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:56
Updated-14 Jan, 2025 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command with the root privilege via the internet.

Action-Not Available
Vendor-NEC Corporation
Product-WR6600HWM3500RW300PWR8300NWR1200HWR6670SWG600HPWF1200HP2WM3400RNWM3800RWR9300NWR8166NWG1800HP4WG2200HPWR8165NWG1200HS3WR6650SWM3450RNWG1200HSWF300HP2WG1200HP3WG1900HP2WF800HPWR8400NWR9500NWR8100NWF1200HPWR8160NWR7800HWR8500NWG1810HP(JE)WG1810HP(MF)WR4500NWR8200NWR8170NWG1800HP2CR2500PWR8600NWG1800HPWG1200HPWF300HPWM3600RWG1900HPWR8150NWG1200HS2WR4100NWG1400HPWR8370NWR8750NWR8175NWR7870SWG1800HP3WG1200HP2WR7850SMR01LNWG300HPMR02LNWR8700NW1200EX(-MS)aterm_wg1800hp4_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0626
Matching Score-6
Assigner-JPCERT/CC
ShareView Details
Matching Score-6
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter.

Action-Not Available
Vendor-NEC Corporation
Product-aterm_wg1200hp_firmwareaterm_wg1200hpWG1200HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-25568
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.40% / 59.73%
||
7 Day CHG+0.10%
Published-04 Apr, 2024 | 00:02
Updated-01 Aug, 2024 | 23:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-X3200GST3-B v1.25 and earlier, WRC-G01-W v1.24 and earlier, and WMC-X1800GST-B v1.41 and earlier. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B".

Action-Not Available
Vendor-Elecom Co., Ltd.
Product-WRC-G01-WWMC-X1800GST-BWRC-X3200GST3-Bwrc-x3200gst3-b_firmwarewrc-g01-w_firmwarewmc-x1800gst-b
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-24328
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-84.42% / 99.27%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 00:00
Updated-28 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3300ra3300r_firmwaren/aa3300r_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-7382
Matching Score-4
Assigner-Sophos Limited
ShareView Details
Matching Score-4
Assigner-Sophos Limited
CVSS Score-8.8||HIGH
EPSS-0.60% / 68.47%
||
7 Day CHG+0.22%
Published-21 Jul, 2025 | 13:28
Updated-22 Jul, 2025 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxiliary devices, if OTP authentication for the admin user is enabled.

Action-Not Available
Vendor-Sophos Ltd.
Product-Sophos Firewall
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-23057
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-11 Jan, 2024 | 00:00
Updated-30 Aug, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3300ra3300r_firmwaren/aa3300r_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-21833
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.17% / 38.85%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 23:25
Updated-16 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-archer_ax3000deco_xe200_firmwarearcher_ax5400archer_axe75deco_x50_firmwarearcher_ax5400_firmwaredeco_x50deco_xe200archer_axe75_firmwarearcher_ax3000_firmwareArcher AX5400Archer AXE75Deco XE200Deco X50Archer AX3000archer_ax3000archer_ax5400archer_axe75deco_x50deco_xe200
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-21773
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.78%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 23:24
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-archer_ax3000_firmwaredeco_xe200archer_ax5400archer_ax5400_firmwaredeco_x50_firmwarearcher_ax3000deco_x50deco_xe200_firmwareArcher Air R5Deco XE200Archer AX3000Deco X50Archer AX5400
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-21130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.70% / 70.97%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 17:35
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wac505_firmwarewac510_firmwarewac505wac510n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-21126
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.70% / 71.08%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 15:51
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wac505_firmwarewac510_firmwarewac505wac510n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-3577
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-8.8||HIGH
EPSS-86.43% / 99.37%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.

Action-Not Available
Vendor-binatoneglobalMotorola Mobility LLC. (Lenovo Group Limited)
Product-cn50comfort_85_connect_firmwarecomfort_50_connectcn28mbp3855halo\+_camera_firmwarelux_65_firmwarecn40cn28_firmwarecomfort_85_connectmbp3855_firmwarecomfort_40focus_72r_firmwarembp3667comfort_50_connect_firmwarembp3667_firmwarecn50_firmwareconnect_view_65focus_68_firmwarelux_85_connect_firmwarembp4855_firmwarelux_64_firmwarecn40_firmwarecn75comfort_40_firmwarelux_64focus_72rconnect_20mbp4855lux_65mbp6855focus_68ease44halo\+_camerambp669_connect_firmwareconnect_view_65_firmwareease44_firmwarembp669_connectconnect_20_firmwarecn75_firmwarembp6855_firmwarelux_85_connectBinatone Hubble Cameras
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-6260
Matching Score-4
Assigner-Security Risk Advisors (SRA)
ShareView Details
Matching Score-4
Assigner-Security Risk Advisors (SRA)
CVSS Score-7.4||HIGH
EPSS-0.11% / 29.54%
||
7 Day CHG~0.00%
Published-19 Feb, 2024 | 21:30
Updated-05 Feb, 2025 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web UI OS Command Injection in Brivo ACS100, ACS300

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.

Action-Not Available
Vendor-brivoBrivobrivo
Product-acs300_firmwareacs300acs100acs100_firmwareACS100, ACS300acs300_firmwareacs100_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-6895
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-92.12% / 99.70%
||
7 Day CHG-0.46%
Published-17 Dec, 2023 | 08:00
Updated-21 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hikvision Intercom Broadcasting System ping.php os command injection

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-248254 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-HIKVISION
Product-ds-kd-disds-kd-mds-kd-kkds-kd-kpds-kd-kk\/sds-kd-infods-kh6350-wte1ds-kh63le1\(b\)ds-kd-kp\/sintercom_broadcast_systemds-kh9310-wte1\(b\)ds-kd8003ime1\(b\)\/flushds-kh8520-wte1ds-kd-eds-kd8003ime1\(b\)ds-kd8003ime1\(b\)\/nsds-kh6320-wte1ds-kd8003ime1\(b\)\/sds-kh6320-te1ds-kh6320-wtde1ds-kh9510-wte1\(b\)ds-kh6220-le1ds-kh6320-le1ds-kh6320-tde1ds-kd-bkds-kh6351-te1ds-kd-inds-kd3003-e6ds-kh6351-wte1ds-kd8003ime1\(b\)\/surfaceIntercom Broadcasting System
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50200
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.82% / 82.11%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability

D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21288.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50215
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.89% / 82.42%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21809.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50205
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.78%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability

D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21298.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-33514
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-24.21% / 95.86%
||
7 Day CHG~0.00%
Published-21 May, 2021 | 22:10
Updated-03 Aug, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects GC108P before 1.0.7.3, GC108PP before 1.0.7.3, GS108Tv3 before 7.0.6.3, GS110TPPv1 before 7.0.6.3, GS110TPv3 before 7.0.6.3, GS110TUPv1 before 1.0.4.3, GS710TUPv1 before 1.0.4.3, GS716TP before 1.0.2.3, GS716TPP before 1.0.2.3, GS724TPPv1 before 2.0.4.3, GS724TPv2 before 2.0.4.3, GS728TPPv2 before 6.0.6.3, GS728TPv2 before 6.0.6.3, GS752TPPv1 before 6.0.6.3, GS752TPv2 before 6.0.6.3, MS510TXM before 1.0.2.3, and MS510TXUP before 1.0.2.3.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-gs710tup_firmwaregc108p_firmwaregs108tv3gs724tpgs110tupgs110tppgs716tppms510txup_firmwaregs752tppms510txupgs728tp_firmwaregs716tp_firmwarems510txm_firmwaregs728tpp_firmwarems510txmgs728tpgs110tpp_firmwaregs752tp_firmwaregc108pgs716tpp_firmwaregs110tpgs752tpgs710tupgc108ppgs724tpp_firmwaregs110tup_firmwaregs724tppgs728tppgc108pp_firmwaregs752tpp_firmwaregs110tp_firmwaregs108t_firmwaregs716tpgs724tp_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50206
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.78%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability

D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21299.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50216
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.82% / 82.11%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21810.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50207
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.78%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability

D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21300.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50198
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.82% / 82.11%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability

D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21286.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50213
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.78%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21807.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50203
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.89% / 82.42%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21296.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-21127
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 17:29
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wac505_firmwarewac510_firmwarewac505wac510n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-29379
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-30.38% / 96.53%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 04:09
Updated-03 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-802dir-802_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-27252
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.50%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 15:45
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-br500_firmwarerbk12rbk43sbr500r8900_firmwarerbr40_firmwarerbk23_firmwarerbk14_firmwarerbk15_firmwareex6410ex6420_firmwareex7300v2_firmwarebr200_firmwareex6250_firmwarerbk53_firmwarexr500_firmwarexr700_firmwarerbk15xr450_firmwareex7300rbk12_firmwarerbs40rbs50y_firmwarer8900rbs40_firmwarer9000_firmwarerbr10rbs10_firmwarerbk43_firmwareex6410_firmwarerbs20rbs50_firmwareex6150r9000rbs50yex7700_firmwarer7800rbk23rbs10r7800_firmwareex6100v2_firmwarerbk20_firmwarexr450ex6150_firmwarexr700ex6400rbk43s_firmwarerbk20ex6400_firmwarerbk14ex7300_firmwarerbk44_firmwarerbs20_firmwarebr200d7800rbk44ex8000rbk40ex7320_firmwarerbr20rbk40_firmwarerbk13xr500ex6400v2_firmwareex6100ex6420d7800_firmwarerbk43ex8000_firmwareex6250rbr10_firmwarerbr40rbs50rbr50_firmwarerbr50ex7700rbk13_firmwarelbr20rbr20_firmwareex7320rbk50rbk53lbr20_firmwarerbk50_firmwareR7800
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found