Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-29973

Summary
Assigner-Zyxel
Assigner Org ID-96e50032-ad0d-4058-a115-4d2c13821f9f
Published At-04 Jun, 2024 | 01:29
Updated At-02 Aug, 2024 | 01:17
Rejected At-
Credits

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Zyxel
Assigner Org ID:96e50032-ad0d-4058-a115-4d2c13821f9f
Published At:04 Jun, 2024 | 01:29
Updated At:02 Aug, 2024 | 01:17
Rejected At:
▼CVE Numbering Authority (CNA)

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

Affected Products
Vendor
Zyxel Networks CorporationZyxel
Product
NAS326 firmware
Default Status
unaffected
Versions
Affected
  • < V5.21(AAZF.17)C0
Vendor
Zyxel Networks CorporationZyxel
Product
NAS542 firmware
Default Status
unaffected
Versions
Affected
  • < V5.21(ABAG.14)C0
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
vendor-advisory
https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
N/A
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
Resource:
vendor-advisory
Hyperlink: https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Zyxel Networks Corporationzyxel
Product
nas326_firmware
CPEs
  • cpe:2.3:o:zyxel:nas326_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before v5.21\(aazf.17\)co (custom)
Vendor
Zyxel Networks Corporationzyxel
Product
nas542_firmware
CPEs
  • cpe:2.3:o:zyxel:nas542_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 5.21\(abag.14\)co (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
vendor-advisory
x_transferred
https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
x_transferred
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
Resource:
vendor-advisory
x_transferred
Hyperlink: https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@zyxel.com.tw
Published At:04 Jun, 2024 | 02:15
Updated At:22 Jan, 2025 | 22:40

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Zyxel Networks Corporation
zyxel
>>nas326_firmware>>Versions before 5.21\(aazf.17\)c0(exclusive)
cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nas326>>-
cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nas542_firmware>>Versions before 5.21\(abag.14\)c0(exclusive)
cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>nas542>>-
cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Secondarysecurity@zyxel.com.tw
CWE ID: CWE-78
Type: Secondary
Source: security@zyxel.com.tw
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/security@zyxel.com.tw
Exploit
Third Party Advisory
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024security@zyxel.com.tw
Vendor Advisory
https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Source: security@zyxel.com.tw
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
Source: security@zyxel.com.tw
Resource:
Vendor Advisory
Hyperlink: https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1294Records found
CVE-2021-35032
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 8.84%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 10:42
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16gs1900-24hp_firmwaregs1900-24hpGS1900 series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35031
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 25.46%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 10:36
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpxgs1250-12gs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwarexgs1210-12xgs1250-12_firmwaregs1900-24hp_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16xgs1210-12_firmwaregs1900-24hpGS1900 series firmwareXGS1210 series firmwareXGS1250 series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35028
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.73%
||
7 Day CHG~0.00%
Published-29 Sep, 2021 | 10:35
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zywall_vpn2s_firmwarezywall_vpn2sZyWALL VPN2S Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-42059
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.48% / 80.22%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:51
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_100axusg_flex_700usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmwareATP series firmwareusg_flex_50w_firmwareatp800_firmwareusg_flex_700h_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-42057
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.1||HIGH
EPSS-6.27% / 90.54%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:43
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_100axusg_flex_700usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmwareATP series firmwareusg_flex_50w_firmwareatp800_firmwareusg_flex_700h_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-42060
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.48% / 80.22%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:54
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_20w-vpnatp100atp800usg_flex_200usg_flex_100atp100wusg_flex_50watp200atp500atp700usg_flex_100axusg_flex_700usg_flex_100wusg_flex_500usg_flex_50USG FLEX 50(W) series firmwareUSG20(W)-VPN series firmwareUSG FLEX series firmwareATP series firmwareusg_flex_50w_firmwareatp800_firmwareusg_flex_700h_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-40891
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-48.76% / 97.68%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 10:02
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-04||The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-sbg3500-nb00vmg8924-b10a_firmwaresbg3300-nb00vmg1312-b10bvmg4325-b10a_firmwaresbg3500-n000_firmwaresbg3300-n000vmg1312-b10b_firmwarevmg3313-b10avmg8324-b10a_firmwarevmg8324-b10asbg3300-nb00_firmwarevmg3312-b10avmg4380-b10avmg1312-b10avmg3313-b10a_firmwarevmg1312-b10a_firmwaresbg3500-nb00_firmwarevmg3312-b10a_firmwarevmg1312-b10evmg3926-b10bsbg3300-n000_firmwarevmg3926-b10b_firmwarevmg1312-b10e_firmwarevmg4380-b10a_firmwarevmg8924-b10avmg4325-b10aVMG4325-B10A firmwareDSL CPE Devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-40890
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-21.44% / 95.49%
||
7 Day CHG+2.33%
Published-04 Feb, 2025 | 09:55
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-04||The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device by sending a crafted HTTP POST request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-sbg3500-nb00vmg8924-b10a_firmwaresbg3300-nb00vmg1312-b10bvmg4325-b10a_firmwaresbg3500-n000_firmwaresbg3300-n000vmg1312-b10b_firmwarevmg3313-b10avmg8324-b10a_firmwarevmg8324-b10asbg3300-nb00_firmwarevmg3312-b10avmg4380-b10avmg1312-b10avmg3313-b10a_firmwarevmg1312-b10a_firmwaresbg3500-nb00_firmwarevmg3312-b10a_firmwarevmg1312-b10evmg3926-b10bsbg3300-n000_firmwarevmg3926-b10b_firmwarevmg1312-b10e_firmwarevmg4380-b10a_firmwarevmg8924-b10avmg4325-b10aVMG4325-B10A firmwareDSL CPE Devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14893
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-11.66% / 93.40%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nsa325_v2nsa325_v2_firmwaren/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12010
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.26% / 49.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:44
Updated-12 Mar, 2025 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.3)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-AX7501-B1 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12009
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.26% / 49.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:37
Updated-12 Mar, 2025 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-EX5601-T1 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-11253
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.26% / 49.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 01:29
Updated-12 Mar, 2025 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-VMG8825-T50K firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2014-0356
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-7.9||HIGH
EPSS-0.58% / 67.77%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_language, (3) SystemCommand, or (4) NTPSyncWithHost function in management.c, or a (5) SET COUNTRY, (6) SET WLAN SSID, (7) SET WLAN CHANNEL, (8) SET WLAN STATUS, or (9) SET WLAN COUNTRY udps command.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-n300_netusb_nbg-419nn300_netusb_nbg-419n_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43390
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-5.4||MEDIUM
EPSS-1.53% / 80.57%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-08 Apr, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-ex5601-t1_firmwaredx3301-t0vmg4005-b50aex5512-t0_firmwarepm5100-t0_firmwarevmg3927-t50kpm7320-b0vmg8825-t50kdx5401-b0ex5601-t1ax7501-b0ex3510-b0nebula_nr5101vmg8623-t50bemg3525-t50bnr7102_firmwarevmg8825-t50k_firmwarepm7300-t0_firmwareemg5723-t50kdx3301-t0_firmwarepmg5622gaex5510-b0_firmwarenebula_nr7101_firmwarepmg5317-t20b_firmwarepmg5617-t20b2lte7490-m904_firmwarepmg5622ga_firmwareex5401-b0_firmwarewx3401-b0_firmwareex5512-t0ex5600-t1dx4510-b1pm3100-t0_firmwarewx3100-t0_firmwareemg5523-t50bvmg8623-t50b_firmwarewx3100-t0vmg4005-b60apmg5317-t20bex5501-b0dx4510-b1_firmwarepm7320-b0_firmwareex5510-b0pmg5617-t20b2_firmwarevmg4005-b60a_firmwarenr7102ex5601-t0_firmwarevmg4005-b50a_firmwareex5501-b0_firmwaredx5401-b0_firmwareex3301-t0ex5401-b0nebula_nr7101nr5101_firmwarepmg5617gaex3510-b0_firmwarewx3401-b0pm5100-t0nr7101ax7501-b0_firmwareemg5723-t50k_firmwarevmg3927-t50k_firmwarepm3100-t0nr7101_firmwarelte7490-m904ex5601-t0ex5600-t1_firmwarelte7480-m804_firmwarenebula_nr5101_firmwarewx5600-t0emg5523-t50b_firmwarenr5101pm7300-t0ex3301-t0_firmwarepmg5617ga_firmwarelte7480-m804emg3525-t50b_firmwarewx5600-t0_firmwareNR7101 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-38547
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.45% / 62.53%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the CLI command of Zyxel ZyWALL/USG series firmware versions 4.20 through 4.72, VPN series firmware versions 4.30 through 5.32, USG FLEX series firmware versions 4.50 through 5.32, and ATP series firmware versions 4.32 through 5.32, which could allow an authenticated attacker with administrator privileges to execute OS commands.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg60_firmwarevpn100atp100_firmwareusg40_firmwareusg60w_firmwareatp100atp800_firmwareusg20-vpn_firmwarezywall_110usg_flex_200usg_flex_500_firmwareusg_flex_100w_firmwareusg_flex_100atp100watp100w_firmwarevpn300_firmwareusg_flex_200_firmwarevpn50_firmwareusg20-vpnusg40w_firmwareatp200atp700zywall_1100usg20w-vpnusg_flex_700vpn100_firmwarevpn300usg40wusg_flex_100wusg60watp700_firmwareatp500_firmwareusg40atp800zywall_310_firmwarevpn1000_firmwarevpn50usg_flex_100_firmwareusg60usg_flex_50_firmwarezywall_110_firmwarezywall_310atp500usg_flex_700_firmwarezywall_1100_firmwarevpn1000usg20w-vpn_firmwareusg_flex_500usg_flex_50atp200_firmwareVPN series firmwareUSG FLEX series firmwareZyWALL/USG series firmwareATP series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-6398
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.73% / 71.73%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 01:34
Updated-21 Jan, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nwa220ax-6eusg20-vpnatp800nwa1123acv3wac500_firmwareusg_flex_100hpusg_flex_700_firmwarewac500h_firmwarewax510datp200wax300h_firmwarewax640s-6eusg_flex_200h_firmwareatp100atp100_firmwarenwa110axwbe660snwa90ax_firmwareusg_flex_100ax_firmwareusg_flex_500h_firmwareusg_flex_100_firmwareusg20-vpn_firmwareusg20w-vpn_firmwareusg_flex_500husg_flex_100w_firmwareusg_flex_50w_firmwarewax630susg_flex_500_firmwareusg_flex_700h_firmwarenwa220ax-6e_firmwareusg_flex_200hpusg_flex_50usg_flex_50_firmwarenwa50ax-prousg_flex_700wax655e_firmwarewax620d-6e_firmwarewac500husg_flex_100wwax655eatp800_firmwarenwa50axnwa110ax_firmwarewax620d-6enwa55axeuoswax650swax640s-6e_firmwarewbe660s_firmwarewax610d_firmwareatp100wusg_flex_100axnwa90axnwa1123acv3_firmwareatp700wax510d_firmwareatp500_firmwarenwa50ax_firmwareusg_flex_100husg_flex_200hnwa90ax-pro_firmwarenwa90ax-pronwa55axe_firmwareusg_flex_100h_firmwareatp500usg_flex_200wac500usg_flex_700husg_flex_50wwax300hatp100w_firmwarenwa210axwax610dusg_flex_500wax630s_firmwarenwa50ax-pro_firmwareusg20w-vpnusg_flex_100nwa210ax_firmwareatp200_firmwarewax650s_firmwareatp700_firmwareusg_flex_200_firmwareusg_flex_200hp_firmwareUSG FLEX 50(W) series firmwareATP series firmwareUSG FLEX H series firmware NWA50AX firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwareWBE660S firmwareWAX300H firmware WAC500 firmwarewac500_firmwareusg_flex_700_firmwareusg_20w-vpn_firmwarewbe660s_firmwarenwa50ax_firmwareatp800_firmwarewax300h_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-6884
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-90.75% / 99.61%
||
7 Day CHG~0.00%
Published-06 Apr, 2017 | 17:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-09||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-emg2926_firmwareemg2926n/aEMG2926 Routers
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-24354
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.79% / 72.93%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 17:38
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-vmg5313-b30bvmg5313-b30b_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-22919
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-1.02% / 76.31%
||
7 Day CHG~0.00%
Published-01 May, 2023 | 00:00
Updated-30 Jan, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg6604_firmwarenbg6604NBG6604 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-5372
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-10.46% / 92.94%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 00:55
Updated-23 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device’s web management interface.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas326nas542_firmwarenas542nas326_firmwareNAS542 firmwareNAS326 firmwarenas542_firmwarenas326_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-18370
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-75.17% / 98.83%
||
7 Day CHG~0.00%
Published-02 May, 2019 | 16:14
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP parameter. Authentication can be achieved by exploiting CVE-2017-18371.

Action-Not Available
Vendor-billionn/aZyxel Networks Corporation
Product-5200w-t_firmwarep660hn-t1a_v25200w-tp660hn-t1a_v1_firmwarep660hn-t1a_v2_firmwarep660hn-t1a_v1n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-37928
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-2.15% / 83.53%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 01:37
Updated-13 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas326nas542_firmwarenas542nas326_firmwareNAS542 firmwareNAS326 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34138
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8||HIGH
EPSS-0.11% / 30.48%
||
7 Day CHG~0.00%
Published-17 Jul, 2023 | 17:31
Updated-30 Oct, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.60 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.60 through 5.36 Patch 2, and VPN series firmware versions 4.60 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the list of trusted RADIUS clients in advance.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zywall_vpn_300zywall_atp700zywall_atp700_firmwarezywall_vpn_50_firmwarezywall_atp800zywall_vpn_50usg_flex_200zywall_atp100_firmwareusg_flex_500_firmwareusg_2200-vpn_firmwareusg_flex_100usg_flex_100w_firmwarezywall_vpn300_firmwareusg_flex_200_firmwareusg_2200-vpnzywall_atp200zywall_vpn50zywall_vpn100_firmwarezywall_vpn100usg_flex_700zywall_atp100w_firmwareusg_flex_100wzywall_atp800_firmwareusg_flex_50w_firmwarezywall_atp200_firmwareusg_20w-vpnzywall_atp500usg_20w-vpn_firmwarezywall_atp100usg_flex_100_firmwarezywall_atp100wzywall_atp500_firmwareusg_flex_50wusg_flex_50_firmwarezywall_vpn300zywall_vpn_300_firmwareusg_flex_700_firmwarezywall_vpn_100zywall_vpn2szywall_vpn2s_firmwarezywall_vpn50_firmwareusg_flex_500usg_flex_50zywall_vpn_100_firmwareUSG FLEX 50(W) series firmwareATP series firmwareVPN series firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwareusg_flex_50w_firmwarevpn_firmwareatp_firmwareusg20w-vpn_firmwareusg_flex_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34141
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8||HIGH
EPSS-0.11% / 30.48%
||
7 Day CHG~0.00%
Published-17 Jul, 2023 | 17:56
Updated-29 Oct, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the access point (AP) management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.00 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.00 through 5.36 Patch 2, VPN series firmware versions 5.00 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device if the attacker could trick an authorized administrator to add their IP address to the managed AP list in advance.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zywall_vpn_300zywall_atp700zywall_atp700_firmwarezywall_vpn_50_firmwarezywall_atp800zywall_vpn_50usg_flex_200zywall_atp100_firmwareusg_flex_500_firmwareusg_2200-vpn_firmwareusg_flex_100usg_flex_100w_firmwarezywall_vpn300_firmwareusg_flex_200_firmwareusg_2200-vpnzywall_atp200zywall_vpn50nxc5500zywall_vpn100_firmwarenxc2500zywall_vpn100usg_flex_700zywall_atp100w_firmwareusg_flex_100wzywall_atp800_firmwareusg_flex_50w_firmwarezywall_atp200_firmwareusg_20w-vpnzywall_atp500usg_20w-vpn_firmwarezywall_atp100usg_flex_100_firmwarenxc5500_firmwarezywall_atp100wzywall_atp500_firmwareusg_flex_50wnxc2500_firmwareusg_flex_50_firmwarezywall_vpn300zywall_vpn_300_firmwareusg_flex_700_firmwarezywall_vpn_100zywall_vpn2szywall_vpn2s_firmwarezywall_vpn50_firmwareusg_flex_500usg_flex_50zywall_vpn_100_firmwareUSG FLEX 50(W) series firmwareNXC5500 firmwareATP series firmwareVPN series firmwareNXC2500 firmwareUSG FLEX series firmwareUSG20(W)-VPN series firmwarenxc2500_firmwareusg_flex_50w_firmwarevpn_firmwareusg20w-vpn_firmwarenxc5500_firmwareatpusg_flex
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34139
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.33%
||
7 Day CHG~0.00%
Published-17 Jul, 2023 | 17:36
Updated-29 Oct, 2024 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2, could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_50w_firmwarezywall_vpn_300zywall_vpn_50_firmwarezywall_vpn_50usg_flex_200usg_flex_500_firmwareusg_2200-vpn_firmwareusg_flex_100usg_flex_100w_firmwarezywall_vpn300_firmwareusg_flex_100_firmwareusg_flex_200_firmwareusg_2200-vpnusg_flex_50wzywall_vpn50usg_flex_50_firmwarezywall_vpn300zywall_vpn100_firmwarezywall_vpn_300_firmwarezywall_vpn100usg_flex_700_firmwarezywall_vpn_100zywall_vpn2susg_flex_700zywall_vpn2s_firmwareusg_flex_100wzywall_vpn50_firmwareusg_flex_500usg_flex_50zywall_vpn_100_firmwareUSG FLEX series firmwareVPN series firmwarevpn_firmwareusg_flex_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-15226
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.51% / 91.41%
||
7 Day CHG~0.00%
Published-10 Oct, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nbg6716nbg6716_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-10631
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.92% / 74.97%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 04:59
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nas326nas326_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9200
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.74% / 71.90%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 01:33
Updated-21 Jan, 2025 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic function in Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vmg4005-b50bvmg4005-b50a_firmwarevmg4005-b60a_firmwarevmg4005-b50avmg4005-b50b_firmwareemg6726-b10avmg4927-b50avmg3927-b50bvmg4927-b50a_firmwarevmg3927-b50b_firmwarevmg4005-b60aemg6726-b10a_firmwareVMG4005-B50A firmwarevmg4005-b50a_firmwarevmg4927-b50a_firmwareemg6726-b10a_firmwarevmg4005-b50b_firmwarevmg3927-b50b_firmwarevmg4005-b60a_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8881
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.50% / 64.91%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 01:17
Updated-14 Nov, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-16_firmwaregs1900-10hp_firmwaregs1900-16GS1900-48 firmwaregs1900-48_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-7203
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.48% / 80.22%
||
7 Day CHG~0.00%
Published-03 Sep, 2024 | 01:36
Updated-13 Dec, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zldusg_flex_50watp200atp500atp700atp100usg_flex_100axatp800usg_flex_200usg_flex_700usg_flex_100atp100wusg_flex_100wusg_flex_500usg_flex_50ATP series firmwareUSG FLEX series firmwareatp800_firmwareusg_flex_700h_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-18372
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-72.98% / 98.73%
||
7 Day CHG~0.00%
Published-02 May, 2019 | 16:15
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373.

Action-Not Available
Vendor-billionn/aZyxel Networks Corporation
Product-5200w-t_firmwarep660hn-t1a_v25200w-tp660hn-t1a_v1_firmwarep660hn-t1a_v2_firmwarep660hn-t1a_v1n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-16257
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.27% / 90.54%
||
7 Day CHG~0.00%
Published-28 Oct, 2020 | 17:02
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Winston 1.5.4 devices are vulnerable to command injection via the API.

Action-Not Available
Vendor-winstonprivacyn/a
Product-winston_firmwarewinstonn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-32534
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-8.8||HIGH
EPSS-2.83% / 85.64%
||
7 Day CHG~0.00%
Published-22 Jun, 2022 | 13:55
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-pra-es8p2spra-es8p2s_firmwarePRA-ES8P2S
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.76% / 93.44%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 14:41
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands.

Action-Not Available
Vendor-n/aFujitsu Limited
Product-eternus_cs8000eternus_cs8000_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-3183
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 72.51%
||
7 Day CHG~0.00%
Published-21 Dec, 2022 | 22:24
Updated-15 Apr, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability.

Action-Not Available
Vendor-Dataprobe, Inc.
Product-iboot-pdu8sa-2n15_firmwareiboot-pdu4a-n15iboot-pdu4sa-n20iboot-pdu4sa-n15iboot-pdu4a-n20_firmwareiboot-pdu8a-2n15iboot-pdu4-n20iboot-pdu8a-n20iboot-pdu8sa-n20iboot-pdu4a-n20iboot-pdu8a-2n15_firmwareiboot-pdu8sa-n20_firmwareiboot-pdu8a-n20_firmwareiboot-pdu8a-2n20iboot-pdu4a-n15_firmwareiboot-pdu8a-n15_firmwareiboot-pdu4sa-n20_firmwareiboot-pdu8sa-2n15iboot-pdu8sa-n15_firmwareiboot-pdu4sa-n15_firmwareiboot-pdu4-n20_firmwareiboot-pdu8a-2n20_firmwareiboot-pdu8sa-n15iboot-pdu8a-n15iBoot-PDU FW
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-4412
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-1.11% / 77.22%
||
7 Day CHG~0.00%
Published-18 Aug, 2023 | 14:31
Updated-02 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK EX1200L setWanCfg os command injection

A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-ex1200l_firmwareex1200lEX1200L
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31794
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.27% / 93.89%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 14:38
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands.

Action-Not Available
Vendor-n/aFujitsu Limited
Product-eternus_cs8000eternus_cs8000_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31767
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.44% / 79.93%
||
7 Day CHG~0.00%
Published-24 Jun, 2022 | 15:35
Updated-16 Sep, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-linux_kernelcics_txCICS TX AdvancedCICS TX Standard
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-3275
Matching Score-4
Assigner-Perforce
ShareView Details
Matching Score-4
Assigner-Perforce
CVSS Score-8.4||HIGH
EPSS-0.85% / 73.89%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 01:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Puppetlabs-apt Command Injection

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.

Action-Not Available
Vendor-Perforce Software, Inc. ("Puppet")Fedora Project
Product-puppetlabs-mysqlfedorapuppetlabs-apt
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-42978
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.28% / 84.00%
||
7 Day CHG+0.22%
Published-15 Aug, 2024 | 00:00
Updated-25 Mar, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1206fh1206_firmwaren/afh1206_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-33271
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 75.85%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 00:00
Updated-20 Sep, 2024 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind).

Action-Not Available
Vendor-dtsn/a
Product-monitoringn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31446
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-29.95% / 96.48%
||
7 Day CHG-18.70%
Published-14 Jun, 2022 | 02:41
Updated-03 Aug, 2024 | 07:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac18_firmwareac18n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31232
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.6||HIGH
EPSS-1.36% / 79.39%
||
7 Day CHG~0.00%
Published-30 Aug, 2022 | 20:25
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_storage_softwareSmart Fabric Storage Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31499
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-93.80% / 99.86%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 22:09
Updated-03 Aug, 2024 | 07:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.

Action-Not Available
Vendor-nortekcontroln/a
Product-emerge_e3_firmwareemerge_e3n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-4411
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-1.11% / 77.22%
||
7 Day CHG~0.00%
Published-18 Aug, 2023 | 14:00
Updated-02 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK EX1200L setTracerouteCfg os command injection

A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-ex1200l_firmwareex1200lEX1200L
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2011-2195
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.42% / 86.98%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 12:10
Updated-06 Aug, 2024 | 22:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system.

Action-Not Available
Vendor-websvnn/a
Product-websvnwebsvn
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-33377
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.50%
||
7 Day CHG~0.00%
Published-04 Aug, 2023 | 00:00
Updated-17 Oct, 2024 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices.

Action-Not Available
Vendor-connectedion/a
Product-connected_ion/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-30310
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-1.09% / 77.02%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 13:45
Updated-20 Nov, 2024 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

Action-Not Available
Vendor-festoFesto
Product-controller_cecc-x-m1-mv-s1controller_cecc-x-m1controller_cecc-x-m1-ys-l2_firmwareservo_press_kit_yjkp_firmwareservo_press_kit_yjkp-controller_cecc-x-m1-ys-l1_firmwareservo_press_kit_yjkpcontroller_cecc-x-m1-mv_firmwarecontroller_cecc-x-m1-y-yjkpcontroller_cecc-x-m1-ys-l2controller_cecc-x-m1-mvcontroller_cecc-x-m1_firmwareservo_press_kit_yjkp-_firmwarecontroller_cecc-x-m1-y-yjkp_firmwarecontroller_cecc-x-m1-ys-l1controller_cecc-x-m1-mv-s1_firmwareController CECC-X-M1-MV (4407605)Controller CECC-X-M1-Y-YJKP (4803891)Controller CECC-X-M1 (8124922)Controller CECC-X-M1-MV-S1 (4407606)Controller CECC-X-M1-YS-L1 (8082793)Controller CECC-X-M1-MV (8124923)Controller CECC-X-M1-MV-S1 (8124924)Controller CECC-X-M1-YS-L2 (8082794)Servo Press Kit YJKP (8077950)Servo Press Kit YJKP- (8058596)Controller CECC-X-M1 (4407603)
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-29516
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.90% / 82.48%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 09:50
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.

Action-Not Available
Vendor-Fujitsu Limited
Product-ipcom_ex_in_2500_firmwareipcom_ex2_lb_3500ipcom_ex_lb_1300_firmwareipcom_ex_lb_2500_firmwareipcom_ex_in_2300_firmwareipcom_ex_nw_1100_firmwareipcom_ex_nw_2300_firmwareipcom_ex_sc_1300_firmwareipcom_ex2_sc_1100_firmwareipcom_ex_lb_1100ipcom_ve2_sc_plus_200ipcom_ex2_lb_1100ipcom_ex2_nw_3200_firmwareipcom_ex2_dc_3200_firmwareipcom_ex2_nw_1100ipcom_ve2_ls_plus_100_firmwareipcom_ex_sc_2500ipcom_ex_sc_2700ipcom_ex_nw_2300ipcom_ex_in_2700_firmwareipcom_ex2_in_3500_firmwareipcom_ve2_ls_plus2_200_firmwareipcom_ve2_ls_200ipcom_ex_lb_2300_firmwareipcom_ex_nw_1100ipcom_ex2_nw_3500_firmwareipcom_ex_nw_2500_firmwareipcom_ex2_sc_3500ipcom_ex2_in_3500ipcom_ex_nw_2700ipcom_ve2_ls_plus_200_firmwareipcom_ve2_sc_plus_200_firmwareipcom_ex2_in_3200_firmwareipcom_ex2_dc_3500ipcom_ex_lb_1300ipcom_ex2_lb_3500_firmwareipcom_ex_lb_2300ipcom_ve2_ls_200_firmwareipcom_ex2_dc_3500_firmwareipcom_ex_in_2300ipcom_ex_sc_1100ipcom_ve2_sc_220_firmwareipcom_ex2_dc_3200ipcom_ex_sc_1300ipcom_ve2_sc_plus_220ipcom_ex_nw_2700_firmwareipcom_ex_lb_2500ipcom_ex_sc_1100_firmwareipcom_ex_sc_2300_firmwareipcom_ve2_ls_100_firmwareipcom_ex2_lb_3200_firmwareipcom_ex2_lb_3200ipcom_ex_sc_2500_firmwareipcom_ex2_lb_1100_firmwareipcom_ex_sc_2300ipcom_ve2_ls_plus_200ipcom_ex2_in_1100ipcom_ve2_ls_220ipcom_ex2_sc_3200ipcom_ex_lb_1100_firmwareipcom_ex2_nw_3200ipcom_ex2_nw_1100_firmwareipcom_ve2_ls_plus_220_firmwareipcom_ex_nw_1300_firmwareipcom_ex_nw_2500ipcom_ve2_ls_plus2_200ipcom_ve2_ls_plus_220ipcom_ex2_in_1100_firmwareipcom_ve2_ls_100ipcom_ve2_sc_200ipcom_ve2_ls_220_firmwareipcom_ex2_sc_3500_firmwareipcom_ve2_sc_plus_100_firmwareipcom_ve2_ls_plus_100ipcom_ex2_sc_1100ipcom_ex2_sc_3200_firmwareipcom_ex_lb_2700ipcom_ve2_sc_100ipcom_ex_lb_2700_firmwareipcom_ex_sc_2700_firmwareipcom_ex_in_2500ipcom_ex2_in_3200ipcom_ve2_ls_plus2_220ipcom_ex_in_2700ipcom_ve2_ls_plus2_220_firmwareipcom_ve2_sc_plus_220_firmwareipcom_ve2_sc_100_firmwareipcom_ex2_nw_3500ipcom_ve2_sc_200_firmwareipcom_ve2_sc_220ipcom_ve2_sc_plus_100ipcom_ex_nw_1300IPCOM EX2 series, IPCOM EX series, IPCOM VE2 series, and IPCOM VA2/VE1 series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-1999-0043
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.59% / 80.90%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

Action-Not Available
Vendor-bsdin/absdiThe MITRE Corporation (Caldera)Netscape (Yahoo Inc.)NEC CorporationInternet Systems Consortium, Inc.Red Hat, Inc.
Product-bsd_osgoah_intrasvnews_serverlinuxinnopenlinuxgoah_networksvn/absd_oslinuxopenlinuxgoah_intrasvgoah_networksvnews_serverinn
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 25
  • 26
  • Next
Details not found