Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-27224

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 May, 2022 | 14:29
Updated At-22 May, 2026 | 14:36
Rejected At-
Credits

An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). NOTE: this is disputed by the Supplier because the affected components were never shipped in a production release (they were only present in development releases), and because no privilege boundary is crossed (an applicable "authenticated attacker" always also has the supported ability to make an SSH connection as root).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 May, 2022 | 14:29
Updated At:22 May, 2026 | 14:36
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). NOTE: this is disputed by the Supplier because the affected components were never shipped in a production release (they were only present in development releases), and because no privilege boundary is crossed (an applicable "authenticated attacker" always also has the supported ability to make an SSH connection as root).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.galsys.co.uk/support/software-download.html
N/A
https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
N/A
https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
N/A
https://www.galsys.co.uk/manuals/NTS/NTS-6002-V12-web-config-manual.pdf
N/A
Hyperlink: https://www.galsys.co.uk/support/software-download.html
Resource: N/A
Hyperlink: https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
Resource: N/A
Hyperlink: https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
Resource: N/A
Hyperlink: https://www.galsys.co.uk/manuals/NTS/NTS-6002-V12-web-config-manual.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.galsys.co.uk/support/software-download.html
x_refsource_MISC
x_transferred
https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
x_refsource_MISC
x_transferred
https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
x_refsource_MISC
x_transferred
Hyperlink: https://www.galsys.co.uk/support/software-download.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 May, 2022 | 15:15
Updated At:21 Nov, 2024 | 06:55

An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

galsys
galsys
>>nts-6002-gps_firmware>>4.14.103-galleon-nts-6002.v12_4
cpe:2.3:o:galsys:nts-6002-gps_firmware:4.14.103-galleon-nts-6002.v12_4:*:*:*:*:*:*:*
galsys
galsys
>>nts-6002-gps>>-
cpe:2.3:h:galsys:nts-6002-gps:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdfcve@mitre.org
Third Party Advisory
https://www.galsys.co.uk/support/software-download.htmlcve@mitre.org
Product
Vendor Advisory
https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/cve@mitre.org
Exploit
Third Party Advisory
https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdfaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.galsys.co.uk/support/software-download.htmlaf854a3a-2127-422b-91ae-364da2661108
Product
Vendor Advisory
https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
Hyperlink: https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.galsys.co.uk/support/software-download.html
Source: cve@mitre.org
Resource:
Product
Vendor Advisory
Hyperlink: https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.galsys.co.uk/support/software-download.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product
Vendor Advisory
Hyperlink: https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1189Records found

CVE-2025-15499
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-5.27% / 91.56%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 21:32
Updated-23 Feb, 2026 | 08:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection

A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Sangfor Technologies Inc.
Product-operation_and_maintenance_management_systemOperation and Maintenance Management System
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6602
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.00% / 85.73%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6598
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.00% / 85.73%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-15467
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.15% / 86.38%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 12:48
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.

Action-Not Available
Vendor-cohesiven/a
Product-vns3n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6599
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.00% / 85.73%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6600
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.09% / 86.12%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6594
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.00% / 85.73%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34299.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6605
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.21% / 86.65%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-6604
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.21% / 86.65%
||
7 Day CHG~0.00%
Published-31 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-14092
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-14.68% / 96.25%
||
7 Day CHG~0.00%
Published-05 Dec, 2025 | 16:02
Updated-24 Feb, 2026 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection

A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Edimax Technology Company Ltd.
Product-br-6478ac_v3br-6478ac_v3_firmwareBR-6478AC V3
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-16701
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-19.61% / 97.06%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 15:45
Updated-05 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.

Action-Not Available
Vendor-netgaten/a
Product-pfsensen/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-3366
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9||HIGH
EPSS-3.82% / 88.78%
||
7 Day CHG~0.00%
Published-03 Jul, 2012 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).

Action-Not Available
Vendor-anln/a
Product-bcfg2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13404
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-6.54% / 92.97%
||
7 Day CHG~0.00%
Published-05 Aug, 2020 | 20:59
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.

Action-Not Available
Vendor-quadra-informatiquen/a
Product-atos\/sipsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-3076
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9||HIGH
EPSS-2.17% / 80.02%
||
7 Day CHG~0.00%
Published-12 Jul, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_recording_servern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37878
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.31% / 67.07%
||
7 Day CHG-0.01%
Published-20 Sep, 2022 | 19:58
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11730
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.35% / 68.22%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 01:55
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35 through V5.41, and USG20(W)-VPN series firmware versions from V5.35 through V5.41 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device by supplying a specially crafted string as an argument to the CLI command.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ATP series firmwareUSG20(W)-VPN series firmwareUSG FLEX 50(W) series firmwareUSG FLEX series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11733
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-1.56% / 72.18%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 13:59
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials.

Action-Not Available
Vendor-spirentn/a
Product-avalanchetestcenterc100-mpn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11950
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.69% / 84.01%
||
7 Day CHG~0.00%
Published-28 May, 2020 | 12:44
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.

Action-Not Available
Vendor-vivotekn/a
Product-ib8382-rt_firmwareib8379-hfd8177-ht_firmwarefe9582-ehnvfd9387-htvfe9180-hfd8167a-sib9388-htfd9367-ehtv_firmwareib9389-ht_firmwarefd9387-ehvib9381-\(e\)ht_firmwarefd9387-hvcd8371-hnvf2fd9388-htv_firmwareib836b-hf3fd9371-\(e\)htvsd9362-ehfd9381-\(e\)htv_firmwarefd8369a-v_firmwareip9191-hp_firmwarefd9165-ht-aib9367-htfd8379-hv_firmwaresd9366-ehfd9391-ehtvfd8167a-s_firmwarefd836b-htv_firmwarefd9365-ehtv_firmwaresd9363-ehl_firmwarefd9187-ht_firmwareit9389-hmd8563-dehfd9368-htv_firmwarefd9380-hfd9189-hm_firmwarefd9365-ehtv-a_firmwarefe9391-ev_firmwareib9365-htib8382-et_firmwarefd9189-hfd8177-hfd9365-htvl_firmwarefd9389-hmvfd9389-ehmv_firmwarefd816ca-hf2cc8160\(hs\)_firmwareib9381-\(e\)htfd9167-htfd9365-htv-a_firmwareib836ba-hf3_firmwareib8377-htfe9391-evfd9366-hv_firmwareib9391-eht_firmwaresd9364-ehib9389-ehm_firmwarefd9367-htv\(epoc\)ib9365-ht-a_firmwarefd8182-t_firmwarefd9171-htit9388-ht_firmwarefd9365-htv-afd8382-etv_firmwareip9165-lpcib9389-ehmmd8563-ehib9387-h_firmwarefd836b-htvib9387-eht-afd8377-htv_firmwaresd9362-eh-v2_firmwarefe9191ib8382-f3fd8182-f2ib9387-ht-a_firmwarevc8101_firmwarefd8369a-vit9360-h_firmwarefd9360-hfd8179-hib9387-ht-afd8382-tvip8160_firmwareip8160-wfd9187-ht-ama9321-ehtv_firmwarefd816ba-ht_firmwareib8360ib8360-wfd836ba-hvf2fe9382-ehv_firmwarevs8100-v2_firmwarefe9182-h_firmwaremd9560-dhib8382-ef3fd8182-f1fe9182-hfd9166-hn_firmwaremd9560-hib9389-hib9387-hib8360-w_firmwaremd9561-h_firmwarefd8166a-n_firmwarecd8371-hntv_firmwarecc9381-hv_firmwareib836ba-ht_firmwaresd9362-ehlmd9561-hfd9365-htvsd9363-ehl-v2_firmwarefd8377-ehtv_firmwaremd8564-ehfd9391-ehtv_firmwarefd9387-ehv_firmwareip9165-hpip8166fd9367-hv_firmwareib836ba-htcc8160_firmwareib836b-hf3_firmwarefd9389-hv_firmwarefd8382-vf2_firmwareip9167-hp_firmwarefd9187-hip9191-hpib8360_firmwaretb9330-eib8382-rf3fe9382-ehvfd836b-ehvf2_firmwareit9360-hip9167-hpfd9365-htvlib9371-\(e\)htib8382-ef3_firmwareib8369afd9367-hvib9367-h_firmwarefd9181-ht_firmwarefe9191_firmwareib836b-ehf3_firmwarecd8371-hntvib8382-rf3_firmwareip9164-lpc_firmwareib8377-hfd816b-hf2md8565-n_firmwareip9171-hp_firmwareib8369a_firmwarefd8179-h_firmwarefd9187-ht-a_firmwarecc9381-hvsd9364-ehl-v2_firmwareib9389-ehtfd816b-hf2_firmwareib9371-\(e\)ht_firmwareip9164-htit9389-ht_firmwareib8367acc8160\(hs\)fd8382-tv_firmwareip8160cc8371-hvsd9364-eh-v2ib9389-h_firmwaresd9362-eh_firmwarems9321-ehvib836b-htib836ba-ehf3_firmwarefd8382-evf2fd836ba-ehvf2fd816c-hf2_firmwarefd9389-ehmviz9361-eh_firmwareib9387-eht_firmwareib9387-ehtfd9389-ehvib9360-h_firmwarefd9365-htv_firmwaresd9365-ehl_firmwarefd8177-htib8382-f3_firmwaresd9374-ehl\(x\)ib9367-ht_firmwarefd9388-htvfd9167-h_firmwarevc8101ib8382-rtip9165-lpc_firmwareib836b-ht_firmwareib836b-eht_firmwaresd9366-eh_firmwareib9368-htfe9180-h_firmwarefd9181-htfd9389-htvib9389-eht_firmwaresd9364-eh-v2_firmwarefd836ba-hvf2_firmwarefd9371-\(e\)htv_firmwareib8377-ht_firmwarefd9165-htfd8182-f2_firmwareip9167-htfd9167-hfd8167afd836b-hvf2ip9164-ht_firmwareib9367-ehtfd9368-htvfe9381-ehvib9387-ht_firmwarefd9171-ht_firmwarefd9387-ehtvfd816ba-hf2fd8182-f1_firmwarems9321-ehv_firmwareit9380-hfd9387-htv-afd8367a-v_firmwarefd836ba-ehtvfd9189-h_firmwaresd9361-ehl_firmwarefd8382-vf2ip9172-lpc_firmwarems9390-hvib836b-ehtib9387-ehfd9360-h_firmwareip9181-h_firmwarefd836ba-htvfd9387-ehtv-acc8370-hvfd9380-h_firmwareib9365-eht_firmwareib836b-hrf3_firmwarefd9366-hvib8382-t_firmwaresd9366-eh-v2_firmwaremd9560-h_firmwaremd9560-dh_firmwarefd9166-hnsd9374-ehl\(x\)_firmwareib8367a_firmwarefd9387-htv_firmwarecc8371-hv_firmwarema9322-ehtv_firmwareib9365-eht-a_firmwarefd9187-h_firmwarefd816ca-hf2_firmwarefd9167-ht_firmwareip9181-hfd8382-evf2_firmwaremd8564-eh_firmwaremd9581-h_firmwareip9191-htsd9366-eh-v2ip9167-ht_firmwarefd8177-h_firmwarefd816b-ht_firmwarefd8366-vip9165-htib836b-ehf3fd8166a-nfe9181-h_firmwareib9389-ehib9367-eh_firmwarefd836b-ehtv_firmwarefd9387-ehtv_firmwaretb9331-efd816ba-htsd9365-ehlfe9181-hfd836ba-htv_firmwarefd9389-ehv_firmwaresd9361-ehlib836b-hrf3ib9365-ht_firmwareip9164-lpcfd9165-ht_firmwareib9367-ehsd9362-eh-v2ib9391-ehtib9367-hfd8377-ehtvit9380-h_firmwareib8377-eht_firmwarefd8169a_firmwareib836ba-hf3fe8182fd836ba-ehvf2_firmwarefe9380-hv_firmwarefd8166aip9165-hp_firmwarefd9367-ehtvib9389-hm_firmwareib8377-ehtib9365-eht-aib8382-etcc8370-hv_firmwareip9172-lpcfd8169a-s_firmwareib9387-htib9365-ht-aip9191-ht_firmwarefe9380-hvfe9582-ehnv_firmwarefd9367-htv\(epoc\)_firmwaresd9364-ehl_firmwarefe8182_firmwaremd8563-deh_firmwarema9322-ehtvtb9331-e_firmwareit9389-h_firmwarefd816c-hf2fd9165-ht-a_firmwareib9380-h_firmwaresd9363-ehl-v2ib9365-ehtfd9381-\(e\)htvmd8565-nib836ba-ehtfd9367-htv_firmwareip8160-w_firmwarefd9189-hmfd8377-hvib9389-eh_firmwareib836ba-eht_firmwareip9165-lpc\(i-cs_kit\)ib8382-tfd9389-ehtv_firmwarefd8169aib9368-ht_firmwarefd8167a_firmwaresd9364-ehlcd8371-hnvf2_firmwareit9389-htsd9364-ehl-v2fd836b-ehvf2fd9367-htvfd8366-v_firmwareib9388-ht_firmwareip8166_firmwareip9171-hpib8377-h_firmwarefd816ba-hf2_firmwarefd836b-hvf2_firmwarefd816b-htmd9581-hmd8563-eh_firmwarefd9387-ehtv-a_firmwaresd9366-ehlfd8166a_firmwareip9165-ht_firmwarefd8182-tfd9365-ehtvms9390-hv_firmwarefe9381-ehv_firmwareip9165-lpc\(i-cs_kit\)_firmwarefd8377-htvfd9389-ehtvfd9189-ht_firmwareib9387-eh_firmwareit9388-htib9360-hfd8367a-vcc8160vs8100-v2sd9161-hfd9187-htfd9389-hvfd8169a-ssd9362-ehl_firmwareib9380-htb9330-e_firmwarefd8382-etvma9321-ehtvsd9363-ehlsd9364-eh_firmwarefd836b-ehtvib9389-htib836ba-ehf3ib9389-hmib9387-eht-a_firmwareiz9361-ehsd9366-ehl_firmwarefd8379-hvfd8377-hv_firmwarefd9389-hmv_firmwarefd9387-htv-a_firmwareib9367-eht_firmwarefd836ba-ehtv_firmwarefd9389-htv_firmwareib8379-h_firmwarefd9189-htsd9161-h_firmwarefd9365-ehtv-afd9387-hv_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12513
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-31.11% / 98.05%
||
7 Day CHG~0.00%
Published-22 Jan, 2021 | 19:01
Updated-16 Sep, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pepper+Fuchs Comtrol IO-Link Master OS Command Injection

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.

Action-Not Available
Vendor-pepperl-fuchsPepper+Fuchs
Product-io-link_master_dr-8-eip_firmwareio-link_master_dr-8-pnio-p_firmwareio-link_master_dr-8-pnio-tio-link_master_dr-8-eipio-link_master_dr-8-eip-t_firmwareio-link_master_4-eip_firmwareio-link_master_dr-8-eip-p_firmwareio-link_master_4-pnioio-link_master_8-pnio-lio-link_master_8-pnio-l_firmwareio-link_master_4-pnio_firmwareio-link_master_dr-8-pnio-t_firmwareio-link_master_4-eipio-link_master_8-eip-lio-link_master_8-pnio_firmwareio-link_master_8-eip_firmwareio-link_master_8-eip-l_firmwareio-link_master_dr-8-pnio-pio-link_master_dr-8-eip-pio-link_master_8-pnioio-link_master_8-eipio-link_master_dr-8-pnio_firmwareio-link_master_dr-8-eip-tio-link_master_dr-8-pnioComtrol IO-Link Master
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37900
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.69% / 74.32%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 18:56
Updated-01 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-Aruba NetworksHewlett Packard Enterprise (HPE)
Product-702470107205arubaos7220728070307008sd-wan72107240xm7005Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10239
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-7.2||HIGH
EPSS-0.35% / 26.84%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 12:42
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unintended command execution via troubleshooting scripts in Progress Flowmon

In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes.

Action-Not Available
Vendor-Progress Software Corporation
Product-Flowmon
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-66052
Matching Score-4
Assigner-CERT.PL
ShareView Details
Matching Score-4
Assigner-CERT.PL
CVSS Score-8.6||HIGH
EPSS-1.33% / 67.57%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 11:54
Updated-14 Jan, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection in Vivotek IP7137 cameras

Vivotek IP7137 camera with firmware version 0200a is vulnerable to command injection. Parameter "system_ntpIt" used by "/cgi-bin/admin/setparam.cgi" endpoint is not sanitized properly, allowing a user with administrative privileges to perform an attack. Due to CVE-2025-66050, administrative access is not protected by default,  The vendor has not replied to the CNA Possibly all firmware versions are affected. Since the product has met End-Of-Life phase, a fix is not expected to be released.

Action-Not Available
Vendor-vivotekVivotek
Product-ip7137_firmwareip7137IP7137
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11490
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.93% / 77.49%
||
7 Day CHG~0.00%
Published-02 Apr, 2020 | 13:07
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter.

Action-Not Available
Vendor-zevenetn/a
Product-zen_load_balancern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10985
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-21.11% / 97.27%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 14:20
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEndpoint Manager Mobile
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10775
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-20.02% / 97.12%
||
7 Day CHG~0.00%
Published-22 Sep, 2025 | 01:02
Updated-07 Oct, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink WL-NU516U1 login.cgi sub_4012A0 os command injection

A security vulnerability has been detected in Wavlink WL-NU516U1 240425. This vulnerability affects the function sub_4012A0 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1_firmwarewl-nu516u1WL-NU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-38547
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-2.81% / 84.76%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg60_firmwarevpn100atp100_firmwareusg40_firmwareusg60w_firmwareatp100atp800_firmwareusg20-vpn_firmwarezywall_110usg_flex_200usg_flex_500_firmwareusg_flex_100w_firmwareusg_flex_100atp100watp100w_firmwarevpn300_firmwareusg_flex_200_firmwarevpn50_firmwareusg20-vpnusg40w_firmwareatp200atp700zywall_1100usg20w-vpnusg_flex_700vpn100_firmwarevpn300usg40wusg_flex_100wusg60watp700_firmwareatp500_firmwareusg40atp800zywall_310_firmwarevpn1000_firmwarevpn50usg_flex_100_firmwareusg60usg_flex_50_firmwarezywall_110_firmwarezywall_310atp500usg_flex_700_firmwarezywall_1100_firmwarevpn1000usg20w-vpn_firmwareusg_flex_500usg_flex_50atp200_firmwareVPN series firmwareUSG FLEX series firmwareZyWALL/USG series firmwareATP series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10243
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-21.11% / 97.27%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 14:17
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEndpoint Manager Mobile
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10242
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-21.11% / 97.27%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 14:14
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEndpoint Manager Mobile
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-49814
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 14:13
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-49815
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 14:09
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to execution of arbitrary OS commands.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-53478
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 14:03
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37882
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.92%
||
7 Day CHG+0.04%
Published-20 Sep, 2022 | 19:53
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-38535
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.65% / 73.70%
||
7 Day CHG~0.00%
Published-15 Sep, 2022 | 17:58
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a720ra720r_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37912
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.58% / 72.53%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 19:07
Updated-02 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-arubaossd-wanAruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0356
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-7.2||HIGH
EPSS-0.60% / 44.36%
||
7 Day CHG~0.00%
Published-15 Jan, 2025 | 07:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.

Action-Not Available
Vendor-NEC Corporation
Product-WX1500HPWX3600HP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37899
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.69% / 74.32%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 18:44
Updated-02 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-700872207240xm721070057205arubaos7280702470107030sd-wanAruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0528
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-5.81% / 92.24%
||
7 Day CHG~0.00%
Published-17 Jan, 2025 | 14:31
Updated-28 May, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10_firmwareac18_firmwareac18ac10ac8_firmwareac8AC8AC18AC10
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9380
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-62.99% / 99.10%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 16:23
Updated-24 Oct, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-30||As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_cloud_services_applianceCSA (Cloud Services Appliance)endpoint_manager_cloud_services_applianceCloud Services Appliance (CSA)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9139
Matching Score-4
Assigner-Moxa Inc.
ShareView Details
Matching Score-4
Assigner-Moxa Inc.
CVSS Score-8.6||HIGH
EPSS-1.39% / 68.88%
||
7 Day CHG~0.00%
Published-14 Oct, 2024 | 08:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Restricted Command

The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

Action-Not Available
Vendor-Moxa Inc.
Product-EDR-810 SeriesEDR-G9010 SeriesEDR-G9004 SeriesTN-4900 SeriesNAT-102 SeriesEDF-G1002-BP SeriesEDR-8010 SeriesOnCell G4302-LTE4 Seriesoncell_g4302-lte4_firmwaretn-4900_firmwareedr-g9004_firmwareedr-8010_firmwarenat-102_firmwareedr-g9010_firmwareedr-810_firmwareedf-g1002-bp_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-36962
Matching Score-4
Assigner-SolarWinds
ShareView Details
Matching Score-4
Assigner-SolarWinds
CVSS Score-7.2||HIGH
EPSS-9.01% / 94.64%
||
7 Day CHG~0.00%
Published-29 Nov, 2022 | 20:46
Updated-25 Apr, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SolarWinds Platform Command Injection

SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.

Action-Not Available
Vendor-SolarWinds Worldwide, LLC.
Product-orion_platformSolarWinds PlatformOrion Platform
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-9200
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.13% / 62.56%
||
7 Day CHG+0.02%
Published-03 Dec, 2024 | 01:33
Updated-21 Jan, 2025 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vmg4005-b50bvmg4005-b50a_firmwarevmg4005-b60a_firmwarevmg4005-b50avmg4005-b50b_firmwareemg6726-b10avmg4927-b50avmg3927-b50bvmg4927-b50a_firmwarevmg3927-b50b_firmwarevmg4005-b60aemg6726-b10a_firmwareVMG4005-B50A firmwarevmg4005-b50a_firmwarevmg4927-b50a_firmwareemg6726-b10a_firmwarevmg4005-b50b_firmwarevmg3927-b50b_firmwarevmg4005-b60a_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9461
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.2||HIGH
EPSS-1.01% / 58.94%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:56
Updated-08 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the cron_interval parameter. This is due to missing input validation and sanitization. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server.

Action-Not Available
Vendor-BoldGrid (InMotion Hosting, Inc.)
Product-total_upkeepTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridtotal_upkeep
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-25041
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.48% / 37.95%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 19:53
Updated-13 Mar, 2026 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Budibase has a Command Injection in PostgreSQL Dump Command

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.23.22 and earlier, the PostgreSQL integration constructs shell commands using user-controlled configuration values (database name, host, password, etc.) without proper sanitization. The password and other connection parameters are directly interpolated into a shell command. This affects packages/server/src/integrations/postgres.ts.

Action-Not Available
Vendor-budibaseBudibase
Product-budibasebudibase
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8278
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.2||HIGH
EPSS-1.10% / 61.63%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.

Action-Not Available
Vendor-Lenovo Group Limited
Product-VX7531 Certified Node (ThinkAgile) XCCHX7820 Appliance (ThinkAgile) XCCSR250 V2 (ThinkSystem) XCCVX5530 Appliance (ThinkAgile) XCCHX2331 Certified Node (ThinkAgile) XCCSR650 (ThinkSystem) XCCVX3530-G Appliance (ThinkAgile) XCCHX5531 Certified Node (ThinkAgile) XCCHX5530 Appliance (ThinkAgile) XCCVX7320 N (ThinkAgile) XCCHX1321 Certified Node (ThinkAgile) XCCVX635 V3 Integrated System (ThinkAgile) XCCVX7330 Appliance (Thinkagile) XCCST250 V3 (ThinkSystem) XCCSR258 V2 (ThinkSystem) XCCSE455 V3 (ThinkEdge) XCCSR150 (ThinkSystem) XCCHX Enclosure Certified Node (ThinkAgile) XCCSR630 V3 (ThinkSystem) XCCSR665 V3 (ThinkSystem) XCCVX 1SE Certified Node (ThinkAgile) XCCSE360 V2 (ThinkEdge) XCCHX7530 Appl for SAP HANA (ThinkAgile) XCCSR250 V3 (ThinkSystem) XCCSD650-N V2 (ThinkSystem) XCCHX1521-R Certified Node (ThinkAgile) XCCSR650 V3 (ThinkSystem) XCCSR860 V3 (ThinkSystem) XCCVX3320 (ThinkAgile) XCCHX5520-C Appliance (ThinkAgile) XCCSN850 (ThinkSystem) XCCSR655 V3 (ThinkSystem) XCCSR850P (ThinkSystem) XCCSD665 V3 (ThinkSystem) XCCST550 (ThinkSystem) XCCHX5521 Certified Node (ThinkAgile) XCCST250 V2 (ThinkSystem) XCCSR570 (ThinkSystem) XCCHX3331 Node SAP HANA (ThinkAgile) XCCSR630 V2 (ThinkSystem) XCCHX3330 Appliance (ThinkAgile) XCCHX3376 Certified Node (ThinkAgile) XCCSD550 V3 (ThinkSystem) XCCSR850 V2 (ThinkSystem) XCCST258 V2 (ThinkSystem) XCCSR850 (ThinkSystem) XCCSR675 V3 (ThinkSystem) XCCMX3331-F All-flash Certified node (ThinkAgile) XCCHX7531 Certified Node (ThinkAgile) XCCVX 2U4N Certified Node (ThinkAgile) XCCVX645 V3 Certified Node (ThinkAgile) XCCSR258 V3 (ThinkSystem) XCCHX1021 Edge Certified Node 3yr (ThinkAgile) XCCSR650 V2 (ThinkSystem) XCCVX3520-G (ThinkAgile) XCCVX7820 (ThinkAgile) XCCHX7530 Appliance (ThinkAgile) XCCST250 (ThinkSystem) XCCSE450 (ThinkEdge) XCCSD650 V3 (ThinkSystem) XCCSD650 DWC Dual Node Tray (ThinkSystem) XCCP920 Rack Workstation (ThinkStation) XCCVX5520 (ThinkAgile) XCCSN550 (ThinkSystem) XCCSR645 V3 (ThinkSystem) XCCVX655 V3 Integrated System (ThinkAgile) XCCMX3330-H Hybrid Appliance (ThinkAgile) XCCHX3321 Certified Node (ThinkAgile) XCCHX5520 Appliance (ThinkAgile) XCCHX7531 Node SAP HANA (ThinkAgile) XCCVX645 V3 Integrated System (ThinkAgile) XCCHX5521-C Certified Node (ThinkAgile) XCCSR860 (ThinkSystem) XCCSE350 V2 (ThinkEdge) XCCVX665 V3 Certified Node (ThinkAgile) XCCSR665 (ThinkSystem) XCCVX655 V3 Certified Node (ThinkAgile) XCCST658 V3 (ThinkSystem) XCCHX1320 Appliance (ThinkAgile) XCCVX2320 (ThinkAgile) XCCMX3530 F All flash Appliance (ThinkAgile) XCCST258 (ThinkSystem) XCCSE350 (ThinkSystem) XCCST658 V2 (ThinkSystem) XCCSR530 (ThinkSystem) XCCHX7520 Appliance (ThinkAgile) XCCSD530 V3 (ThinkSystem) XCCVX3330 Appliance (ThinkAgile) XCCSR670 V2 (ThinkSystem) XCCSR860 V2 (ThinkSystem) XCCHX2720-E Appliance (ThinkAgile) XCCHX2330 Appliance (ThinkAgile) XCCMX Edge Appliance - MX1020 (ThinkAgile) XCCSD650 V2 (ThinkSystem) XCCSR850 V3 (ThinkSystem) XCCHX3375 Appliance (ThinkAgile) XCCST650 V2 (ThinkSystem) XCCST258 V3 (ThinkSystem) XCCSR670 (ThinkSystem) XCCHX1331 Certified Node (ThinkAgile) XCCVX2330 Appliance (ThinkAgile) XCCVX3720 (ThinkAgile) XCCSR158 (ThinkSystem) XCCHX3331 Certified Node (ThinkAgile) XCCSD530 (ThinkSystem) XCCMX3330-F All-flash Appliance (ThinkAgile) XCCHX1520-R Appliance (ThinkAgile) XCCSR950 V3 (ThinkSystem) XCCHX3320 Appliance (ThinkAgile) XCCSR550 (ThinkSystem) XCCSR950 (ThinkSystem) XCCSR635 V3 (ThinkSystem) XCCThinkAgile MX1021 on SE350 XCCSR250 (ThinkSystem) XCCVX665 V3 Integrated System (ThinkAgile) XCCHX2321 Certified Node (ThinkAgile) XCCHX3521-G Certified Node (ThinkAgile) XCCHX3520-G Appliance (ThinkAgile) XCCHX3720 Appliance (ThinkAgile) XCCHX3721 Certified Node (ThinkAgile) XCCVX 4U Certified Node (ThinkAgile) XCCSN550 V2 (ThinkSystem) XCCHX7521 Certified Node (ThinkAgile) XCCSR645 (ThinkSystem) XCCST650 V3 (ThinkSystem) XCCMX3331-H Hybrid Certified node (ThinkAgile) XCCMX3530-H Hybrid Appliance (ThinkAgile) XCCVX3331 Certified Node (ThinkAgile) XCCMX3531 H Hybrid Certified node (ThinkAgile) XCCSR590 (ThinkSystem) XCCHX2320-E Appliance (ThinkAgile) XCCVX1320 (ThinkAgile) XCCVX7530 Appliance (ThinkAgile) XCCMX3531-F All-flash Certified node (ThinkAgile) XCCVX7520 (ThinkAgile) XCCHX7821 Certified Node (ThinkAgile) XCCVX7520 N (ThinkAgile) XCCSR258 (ThinkSystem) XCCSR630 (ThinkSystem) XCCSD630 V2 (ThinkSystem) XCCthinkedge_se455_v3_firmwarethinkagile_hx3375_firmwarethinksystem_sr675_v3_firmwarethinksystem_sd630_v2_firmwarethinkagile_hx1320_firmwarethinksystem_sr630_v3_firmwarethinksystem_sd530_v3_firmwarethinkagile_hx7820_firmwarethinksystem_sr635_v3_firmwarethinkedge_se350_v2_firmwarethinkagile_hx1021_edge_certified_node_3yr_firmwarethinksystem_sr850_v3_firmwarethinksystem_sr950_v3_firmwarethinkedge_se450__firmwarethinkagile_hx7530_firmwarethinksystem_st250_v3_firmwarethinksystem_st650_v3_firmwarethinkagile_hx_enclosure_certified_node_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8279
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.2||HIGH
EPSS-1.10% / 61.63%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.

Action-Not Available
Vendor-Lenovo Group Limited
Product-VX7531 Certified Node (ThinkAgile) XCCHX7820 Appliance (ThinkAgile) XCCSR250 V2 (ThinkSystem) XCCVX5530 Appliance (ThinkAgile) XCCHX2331 Certified Node (ThinkAgile) XCCSR650 (ThinkSystem) XCCVX3530-G Appliance (ThinkAgile) XCCHX5531 Certified Node (ThinkAgile) XCCHX5530 Appliance (ThinkAgile) XCCVX7320 N (ThinkAgile) XCCHX1321 Certified Node (ThinkAgile) XCCVX635 V3 Integrated System (ThinkAgile) XCCVX7330 Appliance (Thinkagile) XCCST250 V3 (ThinkSystem) XCCSR258 V2 (ThinkSystem) XCCSE455 V3 (ThinkEdge) XCCSR150 (ThinkSystem) XCCHX Enclosure Certified Node (ThinkAgile) XCCSR630 V3 (ThinkSystem) XCCSR665 V3 (ThinkSystem) XCCVX 1SE Certified Node (ThinkAgile) XCCSE360 V2 (ThinkEdge) XCCHX7530 Appl for SAP HANA (ThinkAgile) XCCSR250 V3 (ThinkSystem) XCCSD650-N V2 (ThinkSystem) XCCHX1521-R Certified Node (ThinkAgile) XCCSR650 V3 (ThinkSystem) XCCSR860 V3 (ThinkSystem) XCCVX3320 (ThinkAgile) XCCHX5520-C Appliance (ThinkAgile) XCCSN850 (ThinkSystem) XCCSR655 V3 (ThinkSystem) XCCSR850P (ThinkSystem) XCCSD665 V3 (ThinkSystem) XCCST550 (ThinkSystem) XCCHX5521 Certified Node (ThinkAgile) XCCST250 V2 (ThinkSystem) XCCSR570 (ThinkSystem) XCCHX3331 Node SAP HANA (ThinkAgile) XCCSR630 V2 (ThinkSystem) XCCHX3330 Appliance (ThinkAgile) XCCHX3376 Certified Node (ThinkAgile) XCCSD550 V3 (ThinkSystem) XCCSR850 V2 (ThinkSystem) XCCST258 V2 (ThinkSystem) XCCSR850 (ThinkSystem) XCCSR675 V3 (ThinkSystem) XCCMX3331-F All-flash Certified node (ThinkAgile) XCCHX7531 Certified Node (ThinkAgile) XCCVX 2U4N Certified Node (ThinkAgile) XCCVX645 V3 Certified Node (ThinkAgile) XCCSR258 V3 (ThinkSystem) XCCHX1021 Edge Certified Node 3yr (ThinkAgile) XCCSR650 V2 (ThinkSystem) XCCVX3520-G (ThinkAgile) XCCVX7820 (ThinkAgile) XCCHX7530 Appliance (ThinkAgile) XCCST250 (ThinkSystem) XCCSE450 (ThinkEdge) XCCSD650 V3 (ThinkSystem) XCCSD650 DWC Dual Node Tray (ThinkSystem) XCCP920 Rack Workstation (ThinkStation) XCCVX5520 (ThinkAgile) XCCSN550 (ThinkSystem) XCCSR645 V3 (ThinkSystem) XCCVX655 V3 Integrated System (ThinkAgile) XCCMX3330-H Hybrid Appliance (ThinkAgile) XCCHX3321 Certified Node (ThinkAgile) XCCHX5520 Appliance (ThinkAgile) XCCHX7531 Node SAP HANA (ThinkAgile) XCCVX645 V3 Integrated System (ThinkAgile) XCCHX5521-C Certified Node (ThinkAgile) XCCSR860 (ThinkSystem) XCCSE350 V2 (ThinkEdge) XCCVX665 V3 Certified Node (ThinkAgile) XCCSR665 (ThinkSystem) XCCVX655 V3 Certified Node (ThinkAgile) XCCST658 V3 (ThinkSystem) XCCHX1320 Appliance (ThinkAgile) XCCVX2320 (ThinkAgile) XCCMX3530 F All flash Appliance (ThinkAgile) XCCST258 (ThinkSystem) XCCSE350 (ThinkSystem) XCCST658 V2 (ThinkSystem) XCCSR530 (ThinkSystem) XCCHX7520 Appliance (ThinkAgile) XCCSD530 V3 (ThinkSystem) XCCVX3330 Appliance (ThinkAgile) XCCSR670 V2 (ThinkSystem) XCCSR860 V2 (ThinkSystem) XCCHX2720-E Appliance (ThinkAgile) XCCHX2330 Appliance (ThinkAgile) XCCMX Edge Appliance - MX1020 (ThinkAgile) XCCSD650 V2 (ThinkSystem) XCCSR850 V3 (ThinkSystem) XCCHX3375 Appliance (ThinkAgile) XCCST650 V2 (ThinkSystem) XCCST258 V3 (ThinkSystem) XCCSR670 (ThinkSystem) XCCHX1331 Certified Node (ThinkAgile) XCCVX2330 Appliance (ThinkAgile) XCCVX3720 (ThinkAgile) XCCSR158 (ThinkSystem) XCCHX3331 Certified Node (ThinkAgile) XCCSD530 (ThinkSystem) XCCMX3330-F All-flash Appliance (ThinkAgile) XCCHX1520-R Appliance (ThinkAgile) XCCSR950 V3 (ThinkSystem) XCCHX3320 Appliance (ThinkAgile) XCCSR550 (ThinkSystem) XCCSR950 (ThinkSystem) XCCSR635 V3 (ThinkSystem) XCCThinkAgile MX1021 on SE350 XCCSR250 (ThinkSystem) XCCVX665 V3 Integrated System (ThinkAgile) XCCHX2321 Certified Node (ThinkAgile) XCCHX3521-G Certified Node (ThinkAgile) XCCHX3520-G Appliance (ThinkAgile) XCCHX3720 Appliance (ThinkAgile) XCCHX3721 Certified Node (ThinkAgile) XCCVX 4U Certified Node (ThinkAgile) XCCSN550 V2 (ThinkSystem) XCCHX7521 Certified Node (ThinkAgile) XCCSR645 (ThinkSystem) XCCST650 V3 (ThinkSystem) XCCMX3331-H Hybrid Certified node (ThinkAgile) XCCMX3530-H Hybrid Appliance (ThinkAgile) XCCVX3331 Certified Node (ThinkAgile) XCCMX3531 H Hybrid Certified node (ThinkAgile) XCCSR590 (ThinkSystem) XCCHX2320-E Appliance (ThinkAgile) XCCVX1320 (ThinkAgile) XCCVX7530 Appliance (ThinkAgile) XCCMX3531-F All-flash Certified node (ThinkAgile) XCCVX7520 (ThinkAgile) XCCHX7821 Certified Node (ThinkAgile) XCCVX7520 N (ThinkAgile) XCCSR258 (ThinkSystem) XCCSR630 (ThinkSystem) XCCSD630 V2 (ThinkSystem) XCCthinkedge_se455_v3_firmwarethinkagile_hx3375_firmwarethinksystem_sr675_v3_firmwarethinksystem_sd630_v2_firmwarethinkagile_hx1320_firmwarethinksystem_sr630_v3_firmwarethinksystem_sd530_v3_firmwarethinkagile_hx7820_firmwarethinksystem_sr635_v3_firmwarethinkedge_se350_v2_firmwarethinkagile_hx1021_edge_certified_node_3yr_firmwarethinksystem_sr850_v3_firmwarethinksystem_sr950_v3_firmwarethinkedge_se450__firmwarethinkagile_hx7530_firmwarethinksystem_st250_v3_firmwarethinksystem_st650_v3_firmwarethinkagile_hx_enclosure_certified_node_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-10173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-77.28% / 99.50%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 14:36
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi.

Action-Not Available
Vendor-comtrendn/a
Product-vr-3033vr-3033_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8281
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.2||HIGH
EPSS-1.03% / 59.57%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell.

Action-Not Available
Vendor-Lenovo Group Limited
Product-VX7531 Certified Node (ThinkAgile) XCCHX7820 Appliance (ThinkAgile) XCCSR250 V2 (ThinkSystem) XCCVX5530 Appliance (ThinkAgile) XCCHX2331 Certified Node (ThinkAgile) XCCSR650 (ThinkSystem) XCCVX3530-G Appliance (ThinkAgile) XCCHX5531 Certified Node (ThinkAgile) XCCHX5530 Appliance (ThinkAgile) XCCVX7320 N (ThinkAgile) XCCHX1321 Certified Node (ThinkAgile) XCCVX635 V3 Integrated System (ThinkAgile) XCCVX7330 Appliance (Thinkagile) XCCST250 V3 (ThinkSystem) XCCSR258 V2 (ThinkSystem) XCCSE455 V3 (ThinkEdge) XCCSR150 (ThinkSystem) XCCHX Enclosure Certified Node (ThinkAgile) XCCSR630 V3 (ThinkSystem) XCCSR665 V3 (ThinkSystem) XCCVX 1SE Certified Node (ThinkAgile) XCCSE360 V2 (ThinkEdge) XCCHX7530 Appl for SAP HANA (ThinkAgile) XCCSR250 V3 (ThinkSystem) XCCSD650-N V2 (ThinkSystem) XCCHX1521-R Certified Node (ThinkAgile) XCCSR650 V3 (ThinkSystem) XCCSR860 V3 (ThinkSystem) XCCVX3320 (ThinkAgile) XCCHX5520-C Appliance (ThinkAgile) XCCSN850 (ThinkSystem) XCCSR655 V3 (ThinkSystem) XCCSR850P (ThinkSystem) XCCSD665 V3 (ThinkSystem) XCCST550 (ThinkSystem) XCCHX5521 Certified Node (ThinkAgile) XCCST250 V2 (ThinkSystem) XCCSR570 (ThinkSystem) XCCHX3331 Node SAP HANA (ThinkAgile) XCCSR630 V2 (ThinkSystem) XCCHX3330 Appliance (ThinkAgile) XCCHX3376 Certified Node (ThinkAgile) XCCSD550 V3 (ThinkSystem) XCCSR850 V2 (ThinkSystem) XCCST258 V2 (ThinkSystem) XCCSR850 (ThinkSystem) XCCSR675 V3 (ThinkSystem) XCCMX3331-F All-flash Certified node (ThinkAgile) XCCHX7531 Certified Node (ThinkAgile) XCCVX 2U4N Certified Node (ThinkAgile) XCCVX645 V3 Certified Node (ThinkAgile) XCCSR258 V3 (ThinkSystem) XCCHX1021 Edge Certified Node 3yr (ThinkAgile) XCCSR650 V2 (ThinkSystem) XCCVX3520-G (ThinkAgile) XCCVX7820 (ThinkAgile) XCCHX7530 Appliance (ThinkAgile) XCCST250 (ThinkSystem) XCCSE450 (ThinkEdge) XCCSD650 V3 (ThinkSystem) XCCSD650 DWC Dual Node Tray (ThinkSystem) XCCP920 Rack Workstation (ThinkStation) XCCVX5520 (ThinkAgile) XCCSN550 (ThinkSystem) XCCSR645 V3 (ThinkSystem) XCCVX655 V3 Integrated System (ThinkAgile) XCCMX3330-H Hybrid Appliance (ThinkAgile) XCCHX3321 Certified Node (ThinkAgile) XCCHX5520 Appliance (ThinkAgile) XCCHX7531 Node SAP HANA (ThinkAgile) XCCVX645 V3 Integrated System (ThinkAgile) XCCHX5521-C Certified Node (ThinkAgile) XCCSR860 (ThinkSystem) XCCSE350 V2 (ThinkEdge) XCCVX665 V3 Certified Node (ThinkAgile) XCCSR665 (ThinkSystem) XCCVX655 V3 Certified Node (ThinkAgile) XCCST658 V3 (ThinkSystem) XCCHX1320 Appliance (ThinkAgile) XCCVX2320 (ThinkAgile) XCCMX3530 F All flash Appliance (ThinkAgile) XCCST258 (ThinkSystem) XCCSE350 (ThinkSystem) XCCST658 V2 (ThinkSystem) XCCSR530 (ThinkSystem) XCCHX7520 Appliance (ThinkAgile) XCCSD530 V3 (ThinkSystem) XCCVX3330 Appliance (ThinkAgile) XCCSR670 V2 (ThinkSystem) XCCSR860 V2 (ThinkSystem) XCCHX2720-E Appliance (ThinkAgile) XCCHX2330 Appliance (ThinkAgile) XCCMX Edge Appliance - MX1020 (ThinkAgile) XCCSD650 V2 (ThinkSystem) XCCSR850 V3 (ThinkSystem) XCCHX3375 Appliance (ThinkAgile) XCCST650 V2 (ThinkSystem) XCCST258 V3 (ThinkSystem) XCCSR670 (ThinkSystem) XCCHX1331 Certified Node (ThinkAgile) XCCVX2330 Appliance (ThinkAgile) XCCVX3720 (ThinkAgile) XCCSR158 (ThinkSystem) XCCHX3331 Certified Node (ThinkAgile) XCCSD530 (ThinkSystem) XCCMX3330-F All-flash Appliance (ThinkAgile) XCCHX1520-R Appliance (ThinkAgile) XCCSR950 V3 (ThinkSystem) XCCHX3320 Appliance (ThinkAgile) XCCSR550 (ThinkSystem) XCCSR950 (ThinkSystem) XCCSR635 V3 (ThinkSystem) XCCThinkAgile MX1021 on SE350 XCCSR250 (ThinkSystem) XCCVX665 V3 Integrated System (ThinkAgile) XCCHX2321 Certified Node (ThinkAgile) XCCHX3521-G Certified Node (ThinkAgile) XCCHX3520-G Appliance (ThinkAgile) XCCHX3720 Appliance (ThinkAgile) XCCHX3721 Certified Node (ThinkAgile) XCCVX 4U Certified Node (ThinkAgile) XCCSN550 V2 (ThinkSystem) XCCHX7521 Certified Node (ThinkAgile) XCCSR645 (ThinkSystem) XCCST650 V3 (ThinkSystem) XCCMX3331-H Hybrid Certified node (ThinkAgile) XCCMX3530-H Hybrid Appliance (ThinkAgile) XCCVX3331 Certified Node (ThinkAgile) XCCMX3531 H Hybrid Certified node (ThinkAgile) XCCSR590 (ThinkSystem) XCCHX2320-E Appliance (ThinkAgile) XCCVX1320 (ThinkAgile) XCCVX7530 Appliance (ThinkAgile) XCCMX3531-F All-flash Certified node (ThinkAgile) XCCVX7520 (ThinkAgile) XCCHX7821 Certified Node (ThinkAgile) XCCVX7520 N (ThinkAgile) XCCSR258 (ThinkSystem) XCCSR630 (ThinkSystem) XCCSD630 V2 (ThinkSystem) XCCthinkedge_se455_v3_firmwarethinkagile_hx3375_firmwarethinksystem_sr675_v3_firmwarethinksystem_sd630_v2_firmwarethinkagile_hx1320_firmwarethinksystem_sr630_v3_firmwarethinksystem_sd530_v3_firmwarethinkagile_hx7820_firmwarethinksystem_sr635_v3_firmwarethinkedge_se350_v2_firmwarethinkagile_hx1021_edge_certified_node_3yr_firmwarethinksystem_sr850_v3_firmwarethinksystem_sr950_v3_firmwarethinkedge_se450__firmwarethinkagile_hx7530_firmwarethinksystem_st250_v3_firmwarethinksystem_st650_v3_firmwarethinkagile_hx_enclosure_certified_node_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-7728
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.72% / 49.42%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 03:26
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CAYIN Technology CMS - OS Command Injection

The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server.

Action-Not Available
Vendor-CAYIN Technology Co.
Product-CMS-SE(22.04)CMS-SE(18.04)CMS-SEcms-secms-se\(22.04\)cms-se\(18.04\)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-36381
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.2||HIGH
EPSS-1.46% / 70.39%
||
7 Day CHG~0.00%
Published-16 Aug, 2022 | 07:03
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-nintendoNintendo Co., Ltd.
Product-wi-fi_network_adaptor_wap_001_firmwarewi-fi_network_adaptor_wap_001Nintendo Wi-Fi Network Adaptor WAP-001
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-35844
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.29% / 21.25%
||
7 Day CHG~0.00%
Published-10 Oct, 2022 | 00:00
Updated-25 Oct, 2024 | 13:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to commands of the certificate import feature.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortitesterFortinet FortiTester
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 23
  • 24
  • Next
Details not found