Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-39509

Summary
Assigner-bosch
Assigner Org ID-c95f66b2-7e7c-41c5-8f09-6f86ec68659c
Published At-18 Dec, 2023 | 12:55
Updated At-02 Aug, 2024 | 18:10
Rejected At-
Credits

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:bosch
Assigner Org ID:c95f66b2-7e7c-41c5-8f09-6f86ec68659c
Published At:18 Dec, 2023 | 12:55
Updated At:02 Aug, 2024 | 18:10
Rejected At:
▼CVE Numbering Authority (CNA)

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera.

Affected Products
Vendor
Robert Bosch GmbHBosch
Product
Camera Firmware
Platforms
  • CPP13
Versions
Affected
  • From 0 through 8.90 (custom)
Vendor
Robert Bosch GmbHBosch
Product
Camera Firmware
Platforms
  • CPP14
Versions
Affected
  • From 8.20 through 8.81 (custom)
Problem Types
TypeCWE IDDescription
N/AN/ACWE-20 Improper Input Validation
Type: N/A
CWE ID: N/A
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.html
vendor-advisory
Hyperlink: https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.html
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.html
vendor-advisory
x_transferred
Hyperlink: https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.html
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@bosch.com
Published At:18 Dec, 2023 | 13:15
Updated At:22 Dec, 2023 | 19:45

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Robert Bosch GmbH
bosch
>>cpp13>>-
cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*
Robert Bosch GmbH
bosch
>>cpp13_firmware>>Versions up to 8.90(inclusive)
cpe:2.3:o:bosch:cpp13_firmware:*:*:*:*:*:*:*:*
Robert Bosch GmbH
bosch
>>cpp14>>-
cpe:2.3:h:bosch:cpp14:-:*:*:*:*:*:*:*
Robert Bosch GmbH
bosch
>>cpp14_firmware>>Versions from 8.20(inclusive) to 8.81(inclusive)
cpe:2.3:o:bosch:cpp14_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-77Primarynvd@nist.gov
CWE-20Secondarypsirt@bosch.com
CWE ID: CWE-77
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: psirt@bosch.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.htmlpsirt@bosch.com
Vendor Advisory
Hyperlink: https://psirt.bosch.com/security-advisories/BOSCH-SA-638184-BT.html
Source: psirt@bosch.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

536Records found

CVE-2023-34999
Matching Score-10
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-10
Assigner-Robert Bosch GmbH
CVSS Score-8.4||HIGH
EPSS-1.13% / 62.55%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 10:16
Updated-25 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface.

Action-Not Available
Vendor-RTSRobert Bosch GmbH
Product-rts_vlink_virtual_matrixVLink Virtual Matrix Software
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-23862
Matching Score-10
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-10
Assigner-Robert Bosch GmbH
CVSS Score-7.2||HIGH
EPSS-1.39% / 69.06%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 21:17
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Code Execution

A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000).

Action-Not Available
Vendor-Robert Bosch GmbH
Product-video_recording_managerdivar_ip_5000_firmwarebosch_video_management_systemvideojet_decoder_7513videojet_decoder_8000_firmwarevideojet_decoder_8000divar_ip_7000_firmwarevideojet_decoder_7513_firmwareVJD-7513VJD-8000BVMSDIVAR IP all-in-one 5000DIVAR IP 7000 R2VRMDIVAR IP all-in-one 7000
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-23850
Matching Score-8
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-8
Assigner-Robert Bosch GmbH
CVSS Score-6.8||MEDIUM
EPSS-1.47% / 70.51%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:03
Updated-17 Sep, 2024 | 02:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow vulnerability in the recovery image telnet server

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-flexidome_ip_panoramic_6000dinion_hd_720pdinion_ip_starlight_7000_hddinion_ip_ultra_8000flexidome_ip_starlight_7000_firmwareflexidome_ip_indoor_5000_hddinion_ip_5000_hddinion_ip_bullet_4000_firmwareflexidome_ip_starlight_5000i_firmwaremic_ip_starlight_7000ip_micro_2000_firmwaredinion_ip_starlight_7000_firmwaredinion_ip_thermal_8000_firmwaredinion_ip_bullet_4000autodome_ip_5000iautodome_ip_4000_hddinion_ip_bullet_5000autodome_ip_starlight_5000i_firmwaremic_ip_starlight_7100i_firmwaredinion_ip_thermal_9000_rmflexidome_corner_9000_mp_firmwareflexidome_ip_micro_2000_ipdinion_hd_1080pdinion_ip_starlight_8000_firmwareflexidome_ip_5000i_firmwareflexidome_hd_1080p_firmwarevandal-proof_flexidome_hd_1080p_hdrflexidome_ip_starlight_8000idinion_hd_1080p_hdr_firmwaremic_ip_starlight_7000i_firmwareip_bullet_5000_hd_firmwareip_bullet_4000_hd_firmwareflexidome_ip_micro_2000_hdmic_ip_starlight_7100iflexidome_ip_outdoor_4000_hd_firmwaredinion_ip_bullet_5000i_firmwaredinion_hd_720p_firmwareflexidome_ip_indoor_5000_hd_firmwareautodome_ip_5000i_firmwareautodome_ip_4000_hd_firmwareflexidome_ip_starlight_6000_firmwareautodome_ip_5000_ir_firmwareflexidome_ip_panoramic_5000_firmwareflexidome_ip_micro_2000_hd_firmwaremic_ip_fusion_9000iflexidome_ip_starlight_7000flexidome_ip_indoor_4000_hd_firmwareflexidome_ip_outdoor_4000_irflexidome_ip_outdoor_4000_ir_firmwareflexidome_ip_micro_5000_mp_firmwaredinion_hd_1080p_hdrflexidome_ip_outdoor_5000_hd_firmwaremic_ip_starlight_7000idinion_ip_starlight_6000autodome_7000autodome_ip_starlight_7000i_firmwareflexidome_ip_starlight_8000i_firmwaremic_ip_starlight_7000_firmwareip_bullet_4000_hdvandal-proof_flexidome_hd_1080p_firmwareflexidome_hd_1080p_hdrdinion_ip_5000_mp_firmwareaviotec_ip_starlight_8000_firmwareip_micro_2000_hddinion_ip_starlight_8000dinion_ip_thermal_8000flexidome_ip_panoramic_6000_firmwaredinion_ip_bullet_6000iflexidome_ip_starlight_6000dinion_ip_starlight_7000_hd_firmwareflexidome_ip_micro_2000_ip_firmwareflexidome_hd_720p_firmwaredinion_hd_1080p_firmwareflexidome_ip_panoramic_7000_firmwareflexidome_ip_panoramic_5000flexidome_ip_indoor_5000_mpdinion_ip_ultra_8000_firmwaredinion_ip_bullet_4000iflexidome_ip_outdoor_4000_hddinion_ip_3000iautodome_ip_starlight_7000iip_micro_2000_hd_firmwaredinion_ip_bullet_4000i_firmwarevandal-proof_flexidome_hd_1080p_hdr_firmwaredinion_ip_starlight_6000_firmwaremic_ip_dynamic_7000mic_ip_ultra_7100iflexidome_ip_indoor_4000_irtinyon_ip_2000dinion_ip_3000i_firmwaredinion_ip_starlight_7000dinion_ip_4000_hdflexidome_hd_1080p_hdr_firmwareflexidome_ip_outdoor_5000_mpvandal-proof_flexidome_hd_1080pmic_ip_fusion_9000i_firmwareautodome_ip_5000_irflexidome_ip_3000i_firmwaredinion_imager_9000_hdmic_ip_ultra_7100i_firmwareflexidome_corner_9000_mpautodome_ip_5000_hd_firmwaredinion_ip_5000_hd_firmwaredinion_ip_5000_mpmic_ip_dynamic_7000_firmwareflexidome_ip_4000iaviotec_ip_starlight_8000flexidome_ip_indoor_4000_ir_firmwareip_bullet_5000_hdflexidome_ip_outdoor_5000_mp_firmwarevandal-proof_flexidome_hd_720p_firmwareautodome_ip_4000i_firmwaretinyon_ip_2000_firmwareflexidome_ip_outdoor_5000_hdflexidome_ip_4000i_firmwaredinion_ip_4000_hd_firmwaredinion_ip_thermal_9000_rm_firmwareflexidome_ip_starlight_5000idinion_ip_bullet_5000iflexidome_ip_indoor_4000_hdflexidome_hd_1080pdinion_ip_bullet_5000_firmwareautodome_ip_4000iautodome_7000_firmwareflexidome_ip_micro_5000_mpdinion_ip_bullet_6000i_firmwaredinion_imager_9000_hd_firmwareflexidome_ip_5000iip_micro_2000flexidome_hd_720pvandal-proof_flexidome_hd_720pautodome_ip_starlight_5000iflexidome_ip_indoor_5000_mp_firmwareflexidome_ip_3000iflexidome_ip_panoramic_7000autodome_ip_5000_hdCPP Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-23851
Matching Score-8
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-8
Assigner-Robert Bosch GmbH
CVSS Score-6.8||MEDIUM
EPSS-1.47% / 70.51%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:03
Updated-16 Sep, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow vulnerability in the recovery image web-based interface

A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-flexidome_ip_panoramic_6000dinion_hd_720pdinion_ip_starlight_7000_hddinion_ip_ultra_8000flexidome_ip_starlight_7000_firmwareflexidome_ip_indoor_5000_hddinion_ip_5000_hddinion_ip_bullet_4000_firmwareflexidome_ip_starlight_5000i_firmwaremic_ip_starlight_7000ip_micro_2000_firmwaredinion_ip_starlight_7000_firmwaredinion_ip_thermal_8000_firmwaredinion_ip_bullet_4000autodome_ip_5000iautodome_ip_4000_hddinion_ip_bullet_5000autodome_ip_starlight_5000i_firmwaremic_ip_starlight_7100i_firmwaredinion_ip_thermal_9000_rmflexidome_corner_9000_mp_firmwareflexidome_ip_micro_2000_ipdinion_hd_1080pdinion_ip_starlight_8000_firmwareflexidome_ip_5000i_firmwareflexidome_hd_1080p_firmwarevandal-proof_flexidome_hd_1080p_hdrflexidome_ip_starlight_8000idinion_hd_1080p_hdr_firmwaremic_ip_starlight_7000i_firmwareip_bullet_5000_hd_firmwareip_bullet_4000_hd_firmwareflexidome_ip_micro_2000_hdmic_ip_starlight_7100iflexidome_ip_outdoor_4000_hd_firmwaredinion_ip_bullet_5000i_firmwaredinion_hd_720p_firmwareflexidome_ip_indoor_5000_hd_firmwareautodome_ip_5000i_firmwareautodome_ip_4000_hd_firmwareflexidome_ip_starlight_6000_firmwareautodome_ip_5000_ir_firmwareflexidome_ip_panoramic_5000_firmwareflexidome_ip_micro_2000_hd_firmwaremic_ip_fusion_9000iflexidome_ip_starlight_7000flexidome_ip_indoor_4000_hd_firmwareflexidome_ip_outdoor_4000_irflexidome_ip_outdoor_4000_ir_firmwareflexidome_ip_micro_5000_mp_firmwaredinion_hd_1080p_hdrflexidome_ip_outdoor_5000_hd_firmwaremic_ip_starlight_7000idinion_ip_starlight_6000autodome_7000autodome_ip_starlight_7000i_firmwareflexidome_ip_starlight_8000i_firmwaremic_ip_starlight_7000_firmwareip_bullet_4000_hdvandal-proof_flexidome_hd_1080p_firmwareflexidome_hd_1080p_hdrdinion_ip_5000_mp_firmwareaviotec_ip_starlight_8000_firmwareip_micro_2000_hddinion_ip_starlight_8000dinion_ip_thermal_8000flexidome_ip_panoramic_6000_firmwaredinion_ip_bullet_6000iflexidome_ip_starlight_6000dinion_ip_starlight_7000_hd_firmwareflexidome_ip_micro_2000_ip_firmwareflexidome_hd_720p_firmwaredinion_hd_1080p_firmwareflexidome_ip_panoramic_7000_firmwareflexidome_ip_panoramic_5000flexidome_ip_indoor_5000_mpdinion_ip_ultra_8000_firmwaredinion_ip_bullet_4000iflexidome_ip_outdoor_4000_hddinion_ip_3000iautodome_ip_starlight_7000iip_micro_2000_hd_firmwaredinion_ip_bullet_4000i_firmwarevandal-proof_flexidome_hd_1080p_hdr_firmwaredinion_ip_starlight_6000_firmwaremic_ip_dynamic_7000mic_ip_ultra_7100iflexidome_ip_indoor_4000_irtinyon_ip_2000dinion_ip_3000i_firmwaredinion_ip_starlight_7000dinion_ip_4000_hdflexidome_hd_1080p_hdr_firmwareflexidome_ip_outdoor_5000_mpvandal-proof_flexidome_hd_1080pmic_ip_fusion_9000i_firmwareautodome_ip_5000_irflexidome_ip_3000i_firmwaredinion_imager_9000_hdmic_ip_ultra_7100i_firmwareflexidome_corner_9000_mpautodome_ip_5000_hd_firmwaredinion_ip_5000_hd_firmwaredinion_ip_5000_mpmic_ip_dynamic_7000_firmwareflexidome_ip_4000iaviotec_ip_starlight_8000flexidome_ip_indoor_4000_ir_firmwareip_bullet_5000_hdflexidome_ip_outdoor_5000_mp_firmwarevandal-proof_flexidome_hd_720p_firmwareautodome_ip_4000i_firmwaretinyon_ip_2000_firmwareflexidome_ip_outdoor_5000_hdflexidome_ip_4000i_firmwaredinion_ip_4000_hd_firmwaredinion_ip_thermal_9000_rm_firmwareflexidome_ip_starlight_5000idinion_ip_bullet_5000iflexidome_ip_indoor_4000_hdflexidome_hd_1080pdinion_ip_bullet_5000_firmwareautodome_ip_4000iautodome_7000_firmwareflexidome_ip_micro_5000_mpdinion_ip_bullet_6000i_firmwaredinion_imager_9000_hd_firmwareflexidome_ip_5000iip_micro_2000flexidome_hd_720pvandal-proof_flexidome_hd_720pautodome_ip_starlight_5000iflexidome_ip_indoor_5000_mp_firmwareflexidome_ip_3000iflexidome_ip_panoramic_7000autodome_ip_5000_hdCPP Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32534
Matching Score-6
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-6
Assigner-Robert Bosch GmbH
CVSS Score-8.8||HIGH
EPSS-2.29% / 81.12%
||
7 Day CHG~0.00%
Published-22 Jun, 2022 | 13:55
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-pra-es8p2spra-es8p2s_firmwarePRA-ES8P2S
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-23853
Matching Score-6
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-6
Assigner-Robert Bosch GmbH
CVSS Score-8.3||HIGH
EPSS-0.86% / 53.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 14:19
Updated-17 Sep, 2024 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation of HTTP Headers

In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-cpp13cpp7_firmwarecpp13_firmwarecpp4_firmwarecpp7.3_firmwarecpp7.3cpp4cpp7cpp6_firmwarecpp6CPP Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-38521
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.87% / 54.42%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 00:02
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.50, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.1.62, and RAX80 before 1.0.1.62.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rax80r8000p_firmwarerax75_firmwarerax75r6400r6400_firmwarerax80_firmwarer7900pr8000pr7900p_firmwaren/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-3309
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.77% / 75.35%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:40
Updated-15 Nov, 2024 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on as well as modify the underlying operating system of an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_device_manager_on-boxCisco Firepower Threat Defense Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25743
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.78% / 75.53%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 00:00
Updated-05 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-853_firmwaredir-853n/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-24499
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.77% / 51.01%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate input while loading the configuration files. This could allow an authenticated remote attacker to execute arbitrary shell commands on the device.

Action-Not Available
Vendor-Siemens AG
Product-SCALANCE WUB762-1 iFeaturesSCALANCE WUM763-1SCALANCE WAB762-1SCALANCE WAM763-1 (US)SCALANCE WAM766-1SCALANCE WUB762-1SCALANCE WAM766-1 EECSCALANCE WAM766-1 EEC (US)SCALANCE WAM763-1 (ME)SCALANCE WUM766-1SCALANCE WAM766-1 (US)SCALANCE WUM766-1 (ME)SCALANCE WAM763-1SCALANCE WAM766-1 EEC (ME)SCALANCE WUM766-1 (USA)SCALANCE WUM763-1 (US)SCALANCE WAM766-1 (ME)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-42904
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-7.67% / 93.85%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_admanager_plusn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-43863
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.74% / 50.13%
||
7 Day CHG~0.00%
Published-22 Mar, 2023 | 21:25
Updated-25 Feb, 2025 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM QRadar SIEM privilege escalation

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425.

Action-Not Available
Vendor-Linux Kernel Organization, IncIBM Corporation
Product-qradar_security_information_and_event_managerlinux_kernelQRadar SIEM
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-9834
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.2||HIGH
EPSS-1.59% / 72.64%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 08:33
Updated-02 Jul, 2026 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Database Backup <= 7.11 - Authenticated (Administrator+) OS Command Injection via 'wp_db_exclude_table' Parameter

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the `wp_db_exclude_table` parameter. This is due to the direct concatenation of user-supplied `$_POST['wp_db_exclude_table']` values into the `mysqldump` shell command string in the `mysqldump()` function of `includes/admin/class-wpdb-admin.php` without wrapping them in `escapeshellarg()`—every other argument in the same command (DB_USER, DB_PASSWORD, host, filename, DB_NAME) is properly escaped, making the exclude-table values the sole exception—and because the only applied filtering, `sanitize_text_field()` via `recursive_sanitize_text_field()`, strips HTML tags but leaves shell metacharacters such as `;`, `|`, `` ` ``, and `$()` intact. This makes it possible for authenticated attackers, with administrator-level access and above, to execute arbitrary operating system commands on the server, potentially enabling full remote code execution. The injection is stored: malicious values submitted through the plugin settings form are persisted to the WordPress options table via `update_option('wp_db_exclude_table')` and later retrieved with `get_option()` and passed unsanitized to `shell_exec()` whenever a backup operation runs.

Action-Not Available
Vendor-databasebackup
Product-WP Database Backup – Unlimited Database & Files Backup by Backup for WP
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-7833
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-2.34% / 81.52%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 12:30
Updated-06 May, 2026 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-EFM
Product-ipTIME C200
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-22962
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.88% / 54.65%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A critical remote code execution (RCE) vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters when debugging mode is enabled. An attacker with a valid session ID (sess_id) can send specially crafted POST requests to the /json endpoint, enabling arbitrary command execution on the underlying system. This vulnerability can lead to full system compromise, including unauthorized access, privilege escalation, and potentially full device takeover.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-8259
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.45% / 90.24%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 01:00
Updated-11 May, 2026 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 httpd telnet os command injection

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareAC6
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8265
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.41% / 90.16%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 02:30
Updated-11 May, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 httpd getLogFile get_log_file os command injection

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareAC6
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8271
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.64% / 90.60%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 04:00
Updated-11 May, 2026 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command injection

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320dns-320_firmwareDNS-320
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8272
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-5.59% / 91.95%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 04:15
Updated-12 May, 2026 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-320 webfile_mgr.cgi chown os command injection

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile_mgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320dns-320_firmwareDNS-320
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8273
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.54% / 90.41%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 04:30
Updated-11 May, 2026 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-320 system_mgr.cgi cgi_merge_user os command injection

A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi_set_host/cgi_set_ntp/cgi_fan_control/cgi_merge_user of the file /cgi-bin/system_mgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320dns-320_firmwareDNS-320
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-23052
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.20% / 64.49%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 17:38
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI Interface

Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)
Product-HPE Aruba Networking AOS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-8431
Matching Score-4
Assigner-MongoDB, Inc.
ShareView Details
Matching Score-4
Assigner-MongoDB, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.37% / 29.14%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 18:37
Updated-12 May, 2026 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ops Manager RCE via webhook body

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax.  This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior.

Action-Not Available
Vendor-MongoDB, Inc.
Product-Ops Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-6483
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-14.13% / 96.13%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 10:30
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2026.04.16 is able to resolve this issue. Upgrading the affected component is recommended.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-WL-WN530H4
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-6992
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-6.06% / 92.50%
||
7 Day CHG~0.00%
Published-25 Apr, 2026 | 18:00
Updated-30 Apr, 2026 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Linksys Holdings, Inc.
Product-mr9600_firmwaremr9600MR9600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-6973
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-34.45% / 98.21%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 15:21
Updated-11 Jun, 2026 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-05-10||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_manager_mobileEndpoint Manager MobileEndpoint Manager Mobile (EPMM)
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20184
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.90% / 55.28%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 16:14
Updated-08 Aug, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_web_appliance_virtual_s1000vsecure_email_gateway_virtual_appliance_c300vsecure_email_gateway_virtual_appliance_c600vsecure_email_gateway_c395secure_web_appliance_s396secure_web_appliance_virtual_s100vsecure_web_appliance_virtual_s300vsecure_email_gateway_c695secure_email_gateway_c195secure_web_appliance_s196secure_web_appliance_virtual_s600vsecure_web_appliance_s696asyncossecure_email_gateway_virtual_appliance_c100vCisco Secure EmailCisco Secure Web Appliance
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-2043
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.46% / 36.47%
||
7 Day CHG~0.00%
Published-06 Mar, 2025 | 21:31
Updated-03 Oct, 2025 | 00:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LinZhaoguan pb-cms Add New Topic admin#themes deserialization

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pb-cms_projectLinZhaoguan
Product-pb-cmspb-cms
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-5844
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-5.08% / 91.30%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 04:45
Updated-30 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-882_firmwaredir-882DIR-882
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-41617
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.10% / 61.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 21:19
Updated-08 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2022-41617

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_advanced_web_application_firewallbig-ip_application_security_managerBIG-IP Advanced WAF & ASM
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-41870
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.22% / 65.04%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 16:24
Updated-20 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AP Manager in Innovaphone before 13r2 Service Release 17 allows command injection via a modified service ID during app upload.

Action-Not Available
Vendor-innovaphonen/a
Product-innovaphone_firmwaren/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-15438
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.39% / 30.54%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 14:32
Updated-27 Feb, 2026 | 03:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PluXml Media Management medias.php __destruct deserialization

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was informed early about this issue and announced that "[w]e fix this issue in the next version 5.8.23". A patch for it is ready.

Action-Not Available
Vendor-pluxmln/a
Product-pluxmlPluXml
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-15472
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-20.10% / 97.13%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 22:02
Updated-23 Feb, 2026 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-811DRU httpd  uapply.cgi setDeviceURL  os command injection

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL  of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-811drutew-811dru_firmwareTEW-811DRU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-45625
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.81% / 75.97%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:57
Updated-02 Aug, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5338
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.35% / 90.05%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 14:00
Updated-07 Apr, 2026 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda G103 Setting system.lua action_set_system_settings command injection

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-g103g103_firmwareG103
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-14188
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-2.47% / 82.55%
||
7 Day CHG~0.00%
Published-07 Dec, 2025 | 11:02
Updated-28 Jan, 2026 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UGREEN DH2100+ nas_svr create handler_file_backup_create command injection

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. Upgrading the affected component is advised.

Action-Not Available
Vendor-UGREEN
Product-DH2100+
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-14558
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-7.2||HIGH
EPSS-6.27% / 92.72%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 11:27
Updated-17 Mar, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote code execution via ND6 Router Advertisements

The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf(8) unmodified. resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input to resolvconf(8) may be executed.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-20
Improper Input Validation
CVE-2025-14884
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-9.36% / 94.79%
||
7 Day CHG~0.00%
Published-18 Dec, 2025 | 17:02
Updated-07 Jan, 2026 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-605 Firmware Update Service command injection

A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-605_firmwaredir-605DIR-605
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-14092
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-14.68% / 96.25%
||
7 Day CHG~0.00%
Published-05 Dec, 2025 | 16:02
Updated-24 Feb, 2026 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection

A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Edimax Technology Company Ltd.
Product-br-6478ac_v3br-6478ac_v3_firmwareBR-6478AC V3
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13428
Matching Score-4
Assigner-f45cbf4e-4146-4068-b7e1-655ffc2c548c
ShareView Details
Matching Score-4
Assigner-f45cbf4e-4146-4068-b7e1-655ffc2c548c
CVSS Score-8.6||HIGH
EPSS-0.29% / 20.50%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 06:28
Updated-03 Feb, 2026 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RCE in SecOps SOAR server via user-provided Python packages

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containing a malicious setup.py file, which would execute on the server during the installation process, leading to potential server compromise. No customer action is required. All customers have been automatically upgraded to the fixed version: 6.3.64 or higher.

Action-Not Available
Vendor-Google CloudGoogle LLC
Product-security_operations_soarGoogle Cloud SecOps SOAR
CWE ID-CWE-20
Improper Input Validation
CVE-2022-40770
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-82.53% / 99.62%
||
7 Day CHG~0.00%
Published-23 Nov, 2022 | 00:00
Updated-28 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_servicedesk_plusmanageengine_servicedesk_plus_mspmanageengine_supportcenter_plusn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-12945
Matching Score-4
Assigner-a2826606-91e7-4eb6-899e-8484bd4575d5
ShareView Details
Matching Score-4
Assigner-a2826606-91e7-4eb6-899e-8484bd4575d5
CVSS Score-1.1||LOW
EPSS-1.61% / 72.95%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 17:01
Updated-16 Jan, 2026 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in NETGEAR Nighthawk router R7000P

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-r7000pr7000p_firmwareR7000P
CWE ID-CWE-20
Improper Input Validation
CVE-2025-11335
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.75% / 90.79%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 12:32
Updated-19 Nov, 2025 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7100G C1 jhttpd msp_info.htm sub_46409C command injection

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7100g_c1_firmwaredi-7100g_c1DI-7100G C1
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-39265
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.2||HIGH
EPSS-2.15% / 79.94%
||
7 Day CHG~0.00%
Published-06 Oct, 2022 | 00:00
Updated-22 Apr, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mail settings' command parameter injection in mybb

MyBB is a free and open source forum software. The _Mail Settings_ → Additional Parameters for PHP's mail() function mail_parameters setting value, in connection with the configured mail program's options and behavior, may allow access to sensitive information and Remote Code Execution (RCE). The vulnerable module requires Admin CP access with the `_Can manage settings?_` permission and may depend on configured file permissions. MyBB 1.8.31 resolves this issue with the commit `0cd318136a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-MyBB
Product-mybbmybb
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-37881
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.92%
||
7 Day CHG+0.04%
Published-20 Sep, 2022 | 19:54
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-11331
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-17.35% / 96.74%
||
7 Day CHG-0.22%
Published-06 Oct, 2025 | 10:02
Updated-07 Oct, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IdeaCMS Website Name Config.php command injection

A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-ideacmsn/a
Product-ideacmsIdeaCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-38156
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.28% / 66.42%
||
7 Day CHG~0.00%
Published-12 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 23:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user.

Action-Not Available
Vendor-kratosdefensen/a
Product-spectralnet_narrowband_firmwarespectralnet_narrowbandn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-38123
Matching Score-4
Assigner-Secomea A/S
ShareView Details
Matching Score-4
Assigner-Secomea A/S
CVSS Score-8.7||HIGH
EPSS-0.75% / 50.34%
||
7 Day CHG~0.00%
Published-06 Dec, 2022 | 15:58
Updated-23 Apr, 2025 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient validation of plugin files

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.

Action-Not Available
Vendor-Secomea A/S
Product-gatemanagerGateManager
CWE ID-CWE-20
Improper Input Validation
CVE-2025-10775
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-20.02% / 97.12%
||
7 Day CHG~0.00%
Published-22 Sep, 2025 | 01:02
Updated-07 Oct, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink WL-NU516U1 login.cgi sub_4012A0 os command injection

A security vulnerability has been detected in Wavlink WL-NU516U1 240425. This vulnerability affects the function sub_4012A0 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1_firmwarewl-nu516u1WL-NU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37883
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.92%
||
7 Day CHG+0.04%
Published-20 Sep, 2022 | 19:51
Updated-29 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-37879
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.39% / 68.91%
||
7 Day CHG-0.01%
Published-20 Sep, 2022 | 19:57
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.

Action-Not Available
Vendor-n/aAruba Networks
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found