Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-7389

Summary
Assigner-rapid7
Assigner Org ID-9974b330-7714-4307-a722-5648477acda7
Published At-22 Jul, 2021 | 18:27
Updated At-16 Sep, 2024 | 16:53
Rejected At-
Credits

Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:rapid7
Assigner Org ID:9974b330-7714-4307-a722-5648477acda7
Published At:22 Jul, 2021 | 18:27
Updated At:16 Sep, 2024 | 16:53
Rejected At:
▼CVE Numbering Authority (CNA)
Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.

Affected Products
Vendor
Sage
Product
X3
Versions
Affected
  • From V9 before Syracuse 9.22.7.2 (custom)
  • From V11 before Syracuse 11.25.2.6 (custom)
  • From V12 before Syracuse 12.10.2.8 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306 Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Jonathan Peterson, Aaron Herndon, Cale Black, Ryan Villarrea, and William Vu, all of Rapid7
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed
x_refsource_MISC
Hyperlink: https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed
x_refsource_MISC
x_transferred
Hyperlink: https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@rapid7.com
Published At:22 Jul, 2021 | 19:15
Updated At:15 Jul, 2022 | 17:51

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

sage
sage
>>syracuse>>Versions from 9.0(inclusive) to 9.22.7.2(exclusive)
cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*
sage
sage
>>x3>>9.0
cpe:2.3:a:sage:x3:9.0:*:*:*:*:*:*:*
sage
sage
>>syracuse>>Versions from 11.0(inclusive) to 11.25.2.6(exclusive)
cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*
sage
sage
>>x3>>11.0
cpe:2.3:a:sage:x3:11.0:*:*:*:*:*:*:*
sage
sage
>>syracuse>>Versions from 12.0(inclusive) to 12.10.2.8(exclusive)
cpe:2.3:a:sage:syracuse:*:*:*:*:*:*:*:*
sage
sage
>>x3>>12.0
cpe:2.3:a:sage:x3:12.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE-306Secondarycve@rapid7.com
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-306
Type: Secondary
Source: cve@rapid7.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixedcve@rapid7.com
Broken Link
https://www.rapid7.com/blog/post/2021/07/07/cve-2020-7387-7390-multiple-sage-x3-vulnerabilities/nvd@nist.gov
Exploit
Third Party Advisory
Hyperlink: https://rapid7.com/blog/post/2021/07/07/sage-x3-multiple-vulnerabilities-fixed
Source: cve@rapid7.com
Resource:
Broken Link
Hyperlink: https://www.rapid7.com/blog/post/2021/07/07/cve-2020-7387-7390-multiple-sage-x3-vulnerabilities/
Source: nvd@nist.gov
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1207Records found

CVE-2015-4718
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.04% / 85.92%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file.

Action-Not Available
Vendor-n/aownCloud GmbH
Product-owncloud_serverowncloudn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4611
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-3.03% / 85.89%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 21:13
Updated-03 Apr, 2026 | 11:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK X6000R shttpd setLanCfg privilege escalation

A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the argument Hostname can lead to os command injection. The attack may be launched remotely.

Action-Not Available
Vendor-TOTOLINK
Product-x6000r_firmwarex6000rX6000R
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4558
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-3.63% / 88.14%
||
7 Day CHG~0.00%
Published-22 Mar, 2026 | 17:29
Updated-30 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Linksys Holdings, Inc.
Product-mr9600_firmwaremr9600MR9600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-4.57% / 90.46%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of command arguments. An attacker could exploit this vulnerability by using crafted arguments when opening a connection to the affected device. An exploit could allow the attacker to gain shell access with a non-root user account to the underlying Linux operating system on the affected device. Due to the system design, access to the Linux shell could allow execution of additional attacks that may have a significant impact on the affected system. This vulnerability affects Cisco devices that are running release 3.7.1, 3.6.3, or earlier releases of Cisco Enterprise NFV Infrastructure Software (NFVIS) when access to the SCP server is allowed on the affected device. Cisco NFVIS Releases 3.5.x and 3.6.x do allow access to the SCP server by default, while Cisco NFVIS Release 3.7.1 does not. Cisco Bug IDs: CSCvh25026.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-13129
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-17.80% / 96.80%
||
7 Day CHG~0.00%
Published-03 Jan, 2025 | 21:31
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Roxy-WI roxy.py action_service os command injection

A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function action_service of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.1.4 is able to address this issue. The identifier of the patch is 32313928eb9ce906887b8a30bf7b9a3d5c0de1be. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-n/a
Product-Roxy-WI
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-13089
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-7.5||HIGH
EPSS-0.99% / 58.33%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 10:29
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated RCE in update functionality in Guardian/CMC before 24.6.0

An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands. Users with administrative privileges may upload update packages to upgrade the versions of Nozomi Networks Guardian and CMC. While these updates are signed and their signatures are validated prior to installation, an improper signature validation check has been identified. This issue could potentially enable users to execute commands remotely on the appliance, thereby impacting confidentiality, integrity, and availability.

Action-Not Available
Vendor-Nozomi Networks
Product-CMCGuardian
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14412
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.68% / 88.33%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 16:33
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a psw parameter. (This can also be exploited via CSRF.)

Action-Not Available
Vendor-nedin/a
Product-nedin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.68% / 88.33%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 16:41
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a pw parameter. (This can also be exploited via CSRF.)

Action-Not Available
Vendor-nedin/a
Product-nedin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12009
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.13% / 62.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:37
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex3501-t0ex3500-t0ex3510-b1_firmwareex5512-t0_firmwareex3300-t1_firmwarewx5610-b0ex5401-b1emg5523-t50bvmg8825-t50k_firmwarevmg3927-t50k_firmwarevmg3625-t50b_firmwarevmg8825-t50kex5510-b0dx3300-t0ex5501-b0_firmwarewx5610-b0_firmwaredx4510-b0ex5501-b0px5301-t0dx4510-b1ex5401-b1_firmwareex5401-b0vmg3625-t50bex3500-t0_firmwareex3600-t0ex3510-b1ee6510-10_firmwareemg3525-t50bex3301-t0_firmwarevmg8623-t50bax7501-b1_firmwarewx5600-t0ex3600-t0_firmwaredx5401-b0ex7710-b0_firmwareex5601-t1dx3300-t0_firmwarepx3321-t1emg5723-t50k_firmwarevmg3927-t50kex7710-b0ex3501-t0_firmwareex3300-t1ex5512-t0dx5401-b1_firmwareex3300-t0ax7501-b0dx3300-t1emg3525-t50b_firmwareee6510-10dx5401-b0_firmwareax7501-b1ex3300-t0_firmwareex7501-b0_firmwareex5601-t0_firmwaredx3300-t1_firmwaredx4510-b0_firmwareex3301-t0dx3301-t0_firmwarewx5600-t0_firmwareex3510-b0vmg8623-t50b_firmwareex5601-t0ex3510-b0_firmwareemg5523-t50b_firmwaredx3301-t0dx4510-b1_firmwaredx5401-b1emg5723-t50kex5401-b0_firmwarepx3321-t1_firmwareex5510-b0_firmwarepx5301-t0_firmwareex7501-b0ax7501-b0_firmwareex5601-t1_firmwareEX5601-T1 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11983
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.09% / 61.41%
||
7 Day CHG~0.00%
Published-29 Nov, 2024 | 06:57
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Billion Electric router - OS Command Injection

Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device.

Action-Not Available
Vendor-Billion Electricbillion_electric
Product-M120NM100M150M500m120nm100m150m500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13404
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-6.54% / 92.98%
||
7 Day CHG~0.00%
Published-05 Aug, 2020 | 20:59
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.

Action-Not Available
Vendor-quadra-informatiquen/a
Product-atos\/sipsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-43685
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.46% / 36.52%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 22:24
Updated-14 May, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5.

Action-Not Available
Vendor-Claris International Inc.
Product-filemaker_cloudFileMaker Cloud
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13252
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-5.42% / 91.73%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 03:35
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.

Action-Not Available
Vendor-n/aCENTREON
Product-centreonn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13695
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.40% / 69.29%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 17:45
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file.

Action-Not Available
Vendor-quickboxn/a
Product-quickboxn/a
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2016-1000216
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-6.72% / 93.14%
||
7 Day CHG~0.00%
Published-10 Oct, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ruckus Wireless H500 web management interface authenticated command injection

Action-Not Available
Vendor-ruckusn/a
Product-wireless_h500n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13778
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.21% / 89.76%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 12:54
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.

Action-Not Available
Vendor-rconfign/a
Product-rconfign/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14144
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-93.69% / 99.83%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 13:02
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.

Action-Not Available
Vendor-gitean/a
Product-gitean/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14081
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.23% / 80.62%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 03:36
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827drun/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.67% / 73.95%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 15:19
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.

Action-Not Available
Vendor-quickboxn/a
Product-quickboxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-17.77% / 96.80%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 15:19
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter.

Action-Not Available
Vendor-quickboxn/a
Product-quickboxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13851
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-91.09% / 99.80%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 02:15
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artica Pandora FMS 7.44 allows remote command execution via the events feature.

Action-Not Available
Vendor-n/aPandora FMS S.L.U.
Product-pandora_fmsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14075
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.07% / 86.04%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 03:36
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827drun/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-35019
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-1.00% / 58.58%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 00:27
Updated-18 Oct, 2024 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Verify Governance command execution

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

Action-Not Available
Vendor-IBM Corporation
Product-security_verify_governanceSecurity Verify Governance, Identity Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11064
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.32% / 67.50%
||
7 Day CHG~0.00%
Published-11 Nov, 2024 | 07:35
Updated-15 Nov, 2024 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

Action-Not Available
Vendor-D-Link Corporation
Product-dsl6740cdsl6740c_firmwareDSL6740Cdsl6740c_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11005
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-9.1||CRITICAL
EPSS-1.65% / 73.69%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:07
Updated-17 Jan, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_securePolicy SecureConnect Securepolicy_secureconnect_secure
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4253
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-6.53% / 92.97%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 17:02
Updated-20 Mar, 2026 | 12:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8 Web UploadCfg route_set_user_policy_rule os command injection

A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac8ac8_firmwareAC8
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11950
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.69% / 84.02%
||
7 Day CHG~0.00%
Published-28 May, 2020 | 12:44
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.

Action-Not Available
Vendor-vivotekn/a
Product-ib8382-rt_firmwareib8379-hfd8177-ht_firmwarefe9582-ehnvfd9387-htvfe9180-hfd8167a-sib9388-htfd9367-ehtv_firmwareib9389-ht_firmwarefd9387-ehvib9381-\(e\)ht_firmwarefd9387-hvcd8371-hnvf2fd9388-htv_firmwareib836b-hf3fd9371-\(e\)htvsd9362-ehfd9381-\(e\)htv_firmwarefd8369a-v_firmwareip9191-hp_firmwarefd9165-ht-aib9367-htfd8379-hv_firmwaresd9366-ehfd9391-ehtvfd8167a-s_firmwarefd836b-htv_firmwarefd9365-ehtv_firmwaresd9363-ehl_firmwarefd9187-ht_firmwareit9389-hmd8563-dehfd9368-htv_firmwarefd9380-hfd9189-hm_firmwarefd9365-ehtv-a_firmwarefe9391-ev_firmwareib9365-htib8382-et_firmwarefd9189-hfd8177-hfd9365-htvl_firmwarefd9389-hmvfd9389-ehmv_firmwarefd816ca-hf2cc8160\(hs\)_firmwareib9381-\(e\)htfd9167-htfd9365-htv-a_firmwareib836ba-hf3_firmwareib8377-htfe9391-evfd9366-hv_firmwareib9391-eht_firmwaresd9364-ehib9389-ehm_firmwarefd9367-htv\(epoc\)ib9365-ht-a_firmwarefd8182-t_firmwarefd9171-htit9388-ht_firmwarefd9365-htv-afd8382-etv_firmwareip9165-lpcib9389-ehmmd8563-ehib9387-h_firmwarefd836b-htvib9387-eht-afd8377-htv_firmwaresd9362-eh-v2_firmwarefe9191ib8382-f3fd8182-f2ib9387-ht-a_firmwarevc8101_firmwarefd8369a-vit9360-h_firmwarefd9360-hfd8179-hib9387-ht-afd8382-tvip8160_firmwareip8160-wfd9187-ht-ama9321-ehtv_firmwarefd816ba-ht_firmwareib8360ib8360-wfd836ba-hvf2fe9382-ehv_firmwarevs8100-v2_firmwarefe9182-h_firmwaremd9560-dhib8382-ef3fd8182-f1fe9182-hfd9166-hn_firmwaremd9560-hib9389-hib9387-hib8360-w_firmwaremd9561-h_firmwarefd8166a-n_firmwarecd8371-hntv_firmwarecc9381-hv_firmwareib836ba-ht_firmwaresd9362-ehlmd9561-hfd9365-htvsd9363-ehl-v2_firmwarefd8377-ehtv_firmwaremd8564-ehfd9391-ehtv_firmwarefd9387-ehv_firmwareip9165-hpip8166fd9367-hv_firmwareib836ba-htcc8160_firmwareib836b-hf3_firmwarefd9389-hv_firmwarefd8382-vf2_firmwareip9167-hp_firmwarefd9187-hip9191-hpib8360_firmwaretb9330-eib8382-rf3fe9382-ehvfd836b-ehvf2_firmwareit9360-hip9167-hpfd9365-htvlib9371-\(e\)htib8382-ef3_firmwareib8369afd9367-hvib9367-h_firmwarefd9181-ht_firmwarefe9191_firmwareib836b-ehf3_firmwarecd8371-hntvib8382-rf3_firmwareip9164-lpc_firmwareib8377-hfd816b-hf2md8565-n_firmwareip9171-hp_firmwareib8369a_firmwarefd8179-h_firmwarefd9187-ht-a_firmwarecc9381-hvsd9364-ehl-v2_firmwareib9389-ehtfd816b-hf2_firmwareib9371-\(e\)ht_firmwareip9164-htit9389-ht_firmwareib8367acc8160\(hs\)fd8382-tv_firmwareip8160cc8371-hvsd9364-eh-v2ib9389-h_firmwaresd9362-eh_firmwarems9321-ehvib836b-htib836ba-ehf3_firmwarefd8382-evf2fd836ba-ehvf2fd816c-hf2_firmwarefd9389-ehmviz9361-eh_firmwareib9387-eht_firmwareib9387-ehtfd9389-ehvib9360-h_firmwarefd9365-htv_firmwaresd9365-ehl_firmwarefd8177-htib8382-f3_firmwaresd9374-ehl\(x\)ib9367-ht_firmwarefd9388-htvfd9167-h_firmwarevc8101ib8382-rtip9165-lpc_firmwareib836b-ht_firmwareib836b-eht_firmwaresd9366-eh_firmwareib9368-htfe9180-h_firmwarefd9181-htfd9389-htvib9389-eht_firmwaresd9364-eh-v2_firmwarefd836ba-hvf2_firmwarefd9371-\(e\)htv_firmwareib8377-ht_firmwarefd9165-htfd8182-f2_firmwareip9167-htfd9167-hfd8167afd836b-hvf2ip9164-ht_firmwareib9367-ehtfd9368-htvfe9381-ehvib9387-ht_firmwarefd9171-ht_firmwarefd9387-ehtvfd816ba-hf2fd8182-f1_firmwarems9321-ehv_firmwareit9380-hfd9387-htv-afd8367a-v_firmwarefd836ba-ehtvfd9189-h_firmwaresd9361-ehl_firmwarefd8382-vf2ip9172-lpc_firmwarems9390-hvib836b-ehtib9387-ehfd9360-h_firmwareip9181-h_firmwarefd836ba-htvfd9387-ehtv-acc8370-hvfd9380-h_firmwareib9365-eht_firmwareib836b-hrf3_firmwarefd9366-hvib8382-t_firmwaresd9366-eh-v2_firmwaremd9560-h_firmwaremd9560-dh_firmwarefd9166-hnsd9374-ehl\(x\)_firmwareib8367a_firmwarefd9387-htv_firmwarecc8371-hv_firmwarema9322-ehtv_firmwareib9365-eht-a_firmwarefd9187-h_firmwarefd816ca-hf2_firmwarefd9167-ht_firmwareip9181-hfd8382-evf2_firmwaremd8564-eh_firmwaremd9581-h_firmwareip9191-htsd9366-eh-v2ip9167-ht_firmwarefd8177-h_firmwarefd816b-ht_firmwarefd8366-vip9165-htib836b-ehf3fd8166a-nfe9181-h_firmwareib9389-ehib9367-eh_firmwarefd836b-ehtv_firmwarefd9387-ehtv_firmwaretb9331-efd816ba-htsd9365-ehlfe9181-hfd836ba-htv_firmwarefd9389-ehv_firmwaresd9361-ehlib836b-hrf3ib9365-ht_firmwareip9164-lpcfd9165-ht_firmwareib9367-ehsd9362-eh-v2ib9391-ehtib9367-hfd8377-ehtvit9380-h_firmwareib8377-eht_firmwarefd8169a_firmwareib836ba-hf3fe8182fd836ba-ehvf2_firmwarefe9380-hv_firmwarefd8166aip9165-hp_firmwarefd9367-ehtvib9389-hm_firmwareib8377-ehtib9365-eht-aib8382-etcc8370-hv_firmwareip9172-lpcfd8169a-s_firmwareib9387-htib9365-ht-aip9191-ht_firmwarefe9380-hvfe9582-ehnv_firmwarefd9367-htv\(epoc\)_firmwaresd9364-ehl_firmwarefe8182_firmwaremd8563-deh_firmwarema9322-ehtvtb9331-e_firmwareit9389-h_firmwarefd816c-hf2fd9165-ht-a_firmwareib9380-h_firmwaresd9363-ehl-v2ib9365-ehtfd9381-\(e\)htvmd8565-nib836ba-ehtfd9367-htv_firmwareip8160-w_firmwarefd9189-hmfd8377-hvib9389-eh_firmwareib836ba-eht_firmwareip9165-lpc\(i-cs_kit\)ib8382-tfd9389-ehtv_firmwarefd8169aib9368-ht_firmwarefd8167a_firmwaresd9364-ehlcd8371-hnvf2_firmwareit9389-htsd9364-ehl-v2fd836b-ehvf2fd9367-htvfd8366-v_firmwareib9388-ht_firmwareip8166_firmwareip9171-hpib8377-h_firmwarefd816ba-hf2_firmwarefd836b-hvf2_firmwarefd816b-htmd9581-hmd8563-eh_firmwarefd9387-ehtv-a_firmwaresd9366-ehlfd8166a_firmwareip9165-ht_firmwarefd8182-tfd9365-ehtvms9390-hv_firmwarefe9381-ehv_firmwareip9165-lpc\(i-cs_kit\)_firmwarefd8377-htvfd9389-ehtvfd9189-ht_firmwareib9387-eh_firmwareit9388-htib9360-hfd8367a-vcc8160vs8100-v2sd9161-hfd9187-htfd9389-hvfd8169a-ssd9362-ehl_firmwareib9380-htb9330-e_firmwarefd8382-etvma9321-ehtvsd9363-ehlsd9364-eh_firmwarefd836b-ehtvib9389-htib836ba-ehf3ib9389-hmib9387-eht-a_firmwareiz9361-ehsd9366-ehl_firmwarefd8379-hvfd8377-hv_firmwarefd9389-hmv_firmwarefd9387-htv-a_firmwareib9367-eht_firmwarefd836ba-ehtv_firmwarefd9389-htv_firmwareib8379-h_firmwarefd9189-htsd9161-h_firmwarefd9365-ehtv-afd9387-hv_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11852
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-8.8||HIGH
EPSS-1.37% / 68.54%
||
7 Day CHG~0.00%
Published-07 Aug, 2020 | 15:53
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command.

Action-Not Available
Vendor-n/aMicro Focus International Limited
Product-secure_messaging_gatewaySecure Messaging Gateway ( SMG).
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12513
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-31.11% / 98.05%
||
7 Day CHG~0.00%
Published-22 Jan, 2021 | 19:01
Updated-16 Sep, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pepper+Fuchs Comtrol IO-Link Master OS Command Injection

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.

Action-Not Available
Vendor-pepperl-fuchsPepper+Fuchs
Product-io-link_master_dr-8-eip_firmwareio-link_master_dr-8-pnio-p_firmwareio-link_master_dr-8-pnio-tio-link_master_dr-8-eipio-link_master_dr-8-eip-t_firmwareio-link_master_4-eip_firmwareio-link_master_dr-8-eip-p_firmwareio-link_master_4-pnioio-link_master_8-pnio-lio-link_master_8-pnio-l_firmwareio-link_master_4-pnio_firmwareio-link_master_dr-8-pnio-t_firmwareio-link_master_4-eipio-link_master_8-eip-lio-link_master_8-pnio_firmwareio-link_master_8-eip_firmwareio-link_master_8-eip-l_firmwareio-link_master_dr-8-pnio-pio-link_master_dr-8-eip-pio-link_master_8-pnioio-link_master_8-eipio-link_master_dr-8-pnio_firmwareio-link_master_dr-8-eip-tio-link_master_dr-8-pnioComtrol IO-Link Master
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11065
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.32% / 67.50%
||
7 Day CHG~0.00%
Published-11 Nov, 2024 | 07:45
Updated-15 Nov, 2024 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

Action-Not Available
Vendor-D-Link Corporation
Product-dsl6740cdsl6740c_firmwareDSL6740Cdsl6740c_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12111
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.95% / 94.04%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 14:05
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain TP-Link devices allow Command Injection. This affects NC260 1.5.2 build 200304 and NC450 1.5.3 build 200304.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-nc260_firmwarenc450_firmwarenc260nc450n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11733
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-1.56% / 72.19%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 13:59
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials.

Action-Not Available
Vendor-spirentn/a
Product-avalanchetestcenterc100-mpn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11699
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-9.64% / 94.91%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 16:31
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has to be authenticated before interacting with this page.

Action-Not Available
Vendor-titanhqn/a
Product-spamtitann/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12246
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.90% / 91.03%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 12:34
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter.

Action-Not Available
Vendor-beelinen/a
Product-smart_box_firmwaresmart_boxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11953
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.47% / 82.56%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:02
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMCIII-PU-9333E0FB through 3.15.70_4 devices. Attackers can execute code.

Action-Not Available
Vendor-rittaln/a
Product-cmciii-pu-9333e0fb_firmwarepdu-3c002dec_firmwareiot_interface_3124.300lcp-cw_firmwarecmc_iii_pu_7030.000_firmwarecmciii-pu-9333e0fbpdu-3c002declcp-cwcmc_iii_pu_7030.000n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11007
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-9.1||CRITICAL
EPSS-1.65% / 73.69%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:05
Updated-22 Nov, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-policy_secureconnect_securePolicy SecureConnect Securepolicy_secureconnect_secure
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12109
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-74.34% / 99.43%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 15:06
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-nc200_firmwarenc220nc450_firmwarenc250_firmwarenc260nc260_firmwarenc250nc210nc210_firmwarenc200nc230nc450nc230_firmwarenc220_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37882
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.93%
||
7 Day CHG+0.04%
Published-20 Sep, 2022 | 19:53
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11253
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.13% / 62.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:29
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-emg5723-t50kvmg4005-b60a_firmwareemg5723-t50k_firmwarevmg3927-t50kvmg4005-b50avmg8825-t50kdm4200-b0_firmwarevmg4005-b50a_firmwaredm4200-b0vmg8825-t50k_firmwarevmg3927-t50k_firmwarevmg4005-b60aVMG8825-T50K firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12078
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-10.00% / 95.04%
||
7 Day CHG~0.00%
Published-28 Apr, 2020 | 13:26
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address.

Action-Not Available
Vendor-opmantekn/a
Product-open-auditn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11063
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.32% / 67.50%
||
7 Day CHG~0.00%
Published-11 Nov, 2024 | 07:30
Updated-15 Nov, 2024 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

Action-Not Available
Vendor-D-Link Corporation
Product-dsl6740cdsl6740c_firmwareDSL6740Cdsl6740c_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11066
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.80% / 75.82%
||
7 Day CHG~0.00%
Published-11 Nov, 2024 | 07:49
Updated-24 Nov, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page.

Action-Not Available
Vendor-D-Link Corporation
Product-dsl6740cdsl6740c_firmwareDSL6740Cdsl6740c_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11006
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-9.1||CRITICAL
EPSS-1.65% / 73.69%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:06
Updated-17 Jan, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command injection in Ivanti Connect Secure before version 22.7R2.1 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.1 (Not Applicable to 9.1Rx) allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_securePolicy SecureConnect Securepolicy_secureconnect_secure
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10818
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-2.92% / 85.34%
||
7 Day CHG~0.00%
Published-22 Mar, 2020 | 19:53
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.

Action-Not Available
Vendor-n/aArtica Tech SARL
Product-artica_proxyn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10583
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.77% / 84.52%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 19:47
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application.

Action-Not Available
Vendor-invigon/a
Product-automatic_device_managementn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10808
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-77.26% / 99.50%
||
7 Day CHG~0.00%
Published-22 Mar, 2020 | 16:07
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters.

Action-Not Available
Vendor-vestacpn/a
Product-vesta_control_paneln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-3.81% / 88.74%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 20:33
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.

Action-Not Available
Vendor-giran/a
Product-tks-ip-gatewaytks-ip-gateway_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11490
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.93% / 77.50%
||
7 Day CHG~0.00%
Published-02 Apr, 2020 | 13:07
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter.

Action-Not Available
Vendor-zevenetn/a
Product-zen_load_balancern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10221
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-36.75% / 98.31%
||
7 Day CHG~0.00%
Published-08 Mar, 2020 | 21:03
Updated-07 Nov, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.

Action-Not Available
Vendor-rconfign/arConfig
Product-rconfign/arConfig
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-77.28% / 99.50%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 14:36
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi.

Action-Not Available
Vendor-comtrendn/a
Product-vr-3033vr-3033_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 24
  • 25
  • Next
Details not found