Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-31977

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-24 Jul, 2024 | 00:00
Updated At-04 Sep, 2024 | 14:21
Rejected At-
Credits

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:24 Jul, 2024 | 00:00
Updated At:04 Sep, 2024 | 14:21
Rejected At:
▼CVE Numbering Authority (CNA)

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/actuator/cve/tree/main/AdTran/834-5
N/A
https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyoz
N/A
https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977
N/A
https://supportcommunity.adtran.com/t5/Security-Advisories/ADTSA-2024001-Multiple-vulnerabilities-in-Service-Delivery-Gateway-products/ta-p/39332
N/A
Hyperlink: https://github.com/actuator/cve/tree/main/AdTran/834-5
Resource: N/A
Hyperlink: https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyoz
Resource: N/A
Hyperlink: https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977
Resource: N/A
Hyperlink: https://supportcommunity.adtran.com/t5/Security-Advisories/ADTSA-2024001-Multiple-vulnerabilities-in-Service-Delivery-Gateway-products/ta-p/39332
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Adtran, Incadtran
Product
834-5_firmware
CPEs
  • cpe:2.3:o:adtran:834-5_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 11.1.0.101-202106231430 before 12.6.3.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/actuator/cve/tree/main/AdTran/834-5
x_transferred
https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyoz
x_transferred
https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977
x_transferred
Hyperlink: https://github.com/actuator/cve/tree/main/AdTran/834-5
Resource:
x_transferred
Hyperlink: https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyoz
Resource:
x_transferred
Hyperlink: https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 Jul, 2024 | 15:15
Updated At:03 Sep, 2024 | 21:15

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Adtran, Inc
adtran
>>sdg_smartos>>Versions before 12.5.5.1(exclusive)
cpe:2.3:o:adtran:sdg_smartos:*:*:*:*:*:*:*:*
Adtran, Inc
adtran
>>834-5_firmware>>11.1.0.101-202106231430
cpe:2.3:o:adtran:834-5_firmware:11.1.0.101-202106231430:*:*:*:*:*:*:*
Adtran, Inc
adtran
>>834-5>>-
cpe:2.3:h:adtran:834-5:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE-78Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-78
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyozcve@mitre.org
Permissions Required
https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977cve@mitre.org
Third Party Advisory
https://github.com/actuator/cve/tree/main/AdTran/834-5cve@mitre.org
Broken Link
https://supportcommunity.adtran.com/t5/Security-Advisories/ADTSA-2024001-Multiple-vulnerabilities-in-Service-Delivery-Gateway-products/ta-p/39332cve@mitre.org
N/A
Hyperlink: https://drive.proton.me/urls/GXDM5T5NSG#RHa0yVWSKyoz
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31977
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://github.com/actuator/cve/tree/main/AdTran/834-5
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://supportcommunity.adtran.com/t5/Security-Advisories/ADTSA-2024001-Multiple-vulnerabilities-in-Service-Delivery-Gateway-products/ta-p/39332
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1219Records found

CVE-2020-17505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-82.16% / 99.62%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 16:33
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.

Action-Not Available
Vendor-n/aArtica Tech SARL
Product-web_proxyn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-17352
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.10% / 89.52%
||
7 Day CHG~0.00%
Published-07 Aug, 2020 | 19:50
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-xg_firewall_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-49190
Matching Score-4
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
ShareView Details
Matching Score-4
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
CVSS Score-9.4||CRITICAL
EPSS-0.43% / 34.27%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 05:28
Updated-04 Jun, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Per-Instruction Authorization Checks

The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions.

Action-Not Available
Vendor-Acer Inc.
Product-connect_m6e_5g_firmwareconnect_m6e_5gConnect M6E 5G Portable WiFi Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4840
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-8.26% / 94.23%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 04:05
Updated-24 Apr, 2026 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netcore Power 15AX Diagnostic Tool netis.cgi setTools os command injection

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Netcore
Product-Power 15AX
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-15642
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-7.24% / 93.58%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:21
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the isHPSmartComponent method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10501.

Action-Not Available
Vendor-marvellMarvell
Product-qconvergeconsoleQConvergeConsole
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2005-10004
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-1.78% / 75.58%
||
7 Day CHG~0.00%
Published-30 Aug, 2025 | 13:45
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cacti graph_view.php RCE via graph_start Parameter Injection

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.

Action-Not Available
Vendor-Raxnet/Ian BerryThe Cacti Group, Inc.
Product-cactiCacti
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-46746
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.45% / 36.13%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 08:46
Updated-12 Jun, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The application does not properly sanitize user input in the /api/sftp/uploadFiles endpoint, allowing the injection of shell command payloads via crafted directory names. These payloads are stored and executed when directory listings are retrieved. This could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the affected service user (sinecins).

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12829
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.2||HIGH
EPSS-1.26% / 65.92%
||
7 Day CHG~0.00%
Published-20 Dec, 2024 | 00:05
Updated-03 Jan, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability

Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExecManagerImpl class. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24015.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-ng_firewallNG Firewall
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-15467
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.15% / 86.39%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 12:48
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.

Action-Not Available
Vendor-cohesiven/a
Product-vns3n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-15631
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8||HIGH
EPSS-2.94% / 85.45%
||
7 Day CHG~0.00%
Published-23 Jul, 2020 | 20:45
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction header, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10084.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-1860dap-1860_firmwareDAP-1860
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45564
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.30% / 22.20%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 14:04
Updated-10 Jun, 2026 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Roxy-WI: Authenticated RCE via 'configver' URL parameter (os.system sink in /config/versions/.../save)

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions/<service>/<server_ip>/<configver>/save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.system(f"dos2unix -q {cfg}"). configver is not run through EscapedString (Pydantic doesn't validate path segments declared as str) and the surrounding .. block is the broken tuple-membership patch from GHSA-vapt-004. An authenticated user with role <= 3 ("user") therefore reaches a bin/sh -c command-injection sink. At time of publication, there are no publicly available patches.

Action-Not Available
Vendor-roxy-wi
Product-roxy-wi
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45662
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.84% / 53.42%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 16:04
Updated-02 Jun, 2026 | 03:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.0 and earlier, the deleteRegistry function in Dokploy (packages/server/src/services/registry.ts) executes docker logout ${response.registryUrl} without shell escaping. In the same file, the docker login command correctly uses shEscape() to prevent command injection. This inconsistency creates a command injection vulnerability when deleting a registry with a crafted registryUrl.

Action-Not Available
Vendor-Dokploy
Product-dokploy
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45578
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.32% / 23.62%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 13:14
Updated-01 Jun, 2026 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URL

WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket notification branch in plugin/Live/on_publish.php builds an execAsync() command line by string concatenation, single-quoting each argument but never calling escapeshellarg(). A ' in any of the three interpolated values ($users_id, $m3u8, $obj->liveTransmitionHistory_id) closes the quoted token and lets the attacker append arbitrary commands.

Action-Not Available
Vendor-wwbnWWBN
Product-avideoAVideo
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4554
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.41% / 87.43%
||
7 Day CHG~0.00%
Published-22 Mar, 2026 | 16:51
Updated-03 Apr, 2026 | 11:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda F453 WriteFacMac FormWriteFacMac privilege escalation

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-f453_firmwaref453F453
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4611
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-3.03% / 85.89%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 21:13
Updated-03 Apr, 2026 | 11:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK X6000R shttpd setLanCfg privilege escalation

A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the argument Hostname can lead to os command injection. The attack may be launched remotely.

Action-Not Available
Vendor-TOTOLINK
Product-x6000r_firmwarex6000rX6000R
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4558
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-3.63% / 88.14%
||
7 Day CHG~0.00%
Published-22 Mar, 2026 | 17:29
Updated-30 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Linksys Holdings, Inc.
Product-mr9600_firmwaremr9600MR9600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-4.57% / 90.46%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of command arguments. An attacker could exploit this vulnerability by using crafted arguments when opening a connection to the affected device. An exploit could allow the attacker to gain shell access with a non-root user account to the underlying Linux operating system on the affected device. Due to the system design, access to the Linux shell could allow execution of additional attacks that may have a significant impact on the affected system. This vulnerability affects Cisco devices that are running release 3.7.1, 3.6.3, or earlier releases of Cisco Enterprise NFV Infrastructure Software (NFVIS) when access to the SCP server is allowed on the affected device. Cisco NFVIS Releases 3.5.x and 3.6.x do allow access to the SCP server by default, while Cisco NFVIS Release 3.7.1 does not. Cisco Bug IDs: CSCvh25026.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-13129
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-17.80% / 96.80%
||
7 Day CHG~0.00%
Published-03 Jan, 2025 | 21:31
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Roxy-WI roxy.py action_service os command injection

A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function action_service of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.1.4 is able to address this issue. The identifier of the patch is 32313928eb9ce906887b8a30bf7b9a3d5c0de1be. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-n/a
Product-Roxy-WI
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45172
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.55% / 42.00%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 21:41
Updated-23 Jun, 2026 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18

Action-Not Available
Vendor-CyberArk Software, a Palo Alto Networks CompanyPalo Alto Networks, Inc.
Product-idira_privileged_session_manager_for_sshPAM Self-Hosted, Privilege Cloud
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12828
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.9||CRITICAL
EPSS-32.02% / 98.10%
||
7 Day CHG~0.00%
Published-30 Dec, 2024 | 16:48
Updated-14 Aug, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Webmin CGI Command Injection Remote Code Execution Vulnerability

Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of CGI requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22346.

Action-Not Available
Vendor-Webmin
Product-webminWebmin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15254
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.26% / 86.86%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 15:32
Updated-24 Feb, 2026 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w6-s_firmwarew6-sW6-S
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4465
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.09% / 86.13%
||
7 Day CHG~0.00%
Published-20 Mar, 2026 | 02:02
Updated-03 Apr, 2026 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-513 formSysCmd os command injection

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-513_firmwaredir-513DIR-513
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14412
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.68% / 88.33%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 16:33
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a psw parameter. (This can also be exploited via CSRF.)

Action-Not Available
Vendor-nedin/a
Product-nedin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14950
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.60% / 83.47%
||
7 Day CHG~0.00%
Published-21 Jun, 2020 | 15:58
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.

Action-Not Available
Vendor-aapaneln/a
Product-aapaneln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14947
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-19.48% / 97.04%
||
7 Day CHG~0.00%
Published-30 Jun, 2020 | 20:44
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.

Action-Not Available
Vendor-factorfxn/a
Product-open_computer_software_inventory_next_generationn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12358
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.94% / 91.10%
||
7 Day CHG+0.10%
Published-09 Dec, 2024 | 04:31
Updated-10 Dec, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WeiYe-Jing datax-web add os command injection

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-datax-web_projectWeiYe-Jingweiye-jing
Product-datax-webdatax-webdatax-web
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.68% / 88.33%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 16:41
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a pw parameter. (This can also be exploited via CSRF.)

Action-Not Available
Vendor-nedin/a
Product-nedin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13404
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-6.54% / 92.98%
||
7 Day CHG~0.00%
Published-05 Aug, 2020 | 20:59
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.

Action-Not Available
Vendor-quadra-informatiquen/a
Product-atos\/sipsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-1180
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.8||MEDIUM
EPSS-0.97% / 57.68%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 16:30
Updated-08 Aug, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability

TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability. The specific issue exists within the handling of the name field in the access control user interface. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22227.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-omada_er605omada_er605_firmwareOmada ER605er605
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13252
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-5.42% / 91.73%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 03:35
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.

Action-Not Available
Vendor-n/aCENTREON
Product-centreonn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13378
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.31% / 87.05%
||
7 Day CHG~0.00%
Published-12 May, 2023 | 00:00
Updated-24 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code.

Action-Not Available
Vendor-loadbalancern/a
Product-enterprise_va_maxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13778
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.21% / 89.76%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 12:54
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.

Action-Not Available
Vendor-rconfign/a
Product-rconfign/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13122
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.12% / 93.48%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 15:59
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user (monitoring group) or admin to execute commands on the operating system.

Action-Not Available
Vendor-noviflown/a
Product-noviwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-5355
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.78% / 90.84%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 16:45
Updated-07 Apr, 2026 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Trendnet TEW-657BRM setup.cgi vpn_drop os command injection

A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn_drop of the file /setup.cgi. The manipulation of the argument policy_name leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-657brm_firmwaretew-657brmTEW-657BRM
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14081
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.23% / 80.62%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 03:36
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827drun/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.67% / 73.95%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 15:19
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.

Action-Not Available
Vendor-quickboxn/a
Product-quickboxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13124
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.63% / 90.58%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 15:48
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.

Action-Not Available
Vendor-sabnzbdn/a
Product-sabnzbdn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13782
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-27.06% / 97.80%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 16:23
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-865l_firmwaredir-865ln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-17.77% / 96.80%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 15:19
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter.

Action-Not Available
Vendor-quickboxn/a
Product-quickboxn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-13851
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-91.09% / 99.80%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 02:15
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Artica Pandora FMS 7.44 allows remote command execution via the events feature.

Action-Not Available
Vendor-n/aPandora FMS S.L.U.
Product-pandora_fmsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-14075
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.07% / 86.04%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 03:36
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827drun/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-35019
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-1.00% / 58.58%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 00:27
Updated-18 Oct, 2024 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Verify Governance command execution

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

Action-Not Available
Vendor-IBM Corporation
Product-security_verify_governanceSecurity Verify Governance, Identity Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11941
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.56% / 90.45%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 16:46
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery.

Action-Not Available
Vendor-opmantekn/a
Product-open-auditn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-10966
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-3.07% / 86.06%
||
7 Day CHG~0.00%
Published-07 Nov, 2024 | 18:00
Updated-16 Dec, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK X18 cstecgi.cgi os command injection

A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-x18x18_firmwareX18x18
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34108
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.98% / 57.91%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 17:16
Updated-06 Jan, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Manipulation of Internal Dovecot Variables in mailcow via crafted Passwords

mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the `passwd-verify.lua` script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of "password=<valid-password>", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password "123 mail_crypt_save_version=0" would cause the `passwd-verify.lua` script to return the string "password=123 mail_crypt_save_version=0". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version `2023-05a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-mailcowmailcow
Product-mailcow\mailcow-dockerized
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11950
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.69% / 84.02%
||
7 Day CHG~0.00%
Published-28 May, 2020 | 12:44
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.

Action-Not Available
Vendor-vivotekn/a
Product-ib8382-rt_firmwareib8379-hfd8177-ht_firmwarefe9582-ehnvfd9387-htvfe9180-hfd8167a-sib9388-htfd9367-ehtv_firmwareib9389-ht_firmwarefd9387-ehvib9381-\(e\)ht_firmwarefd9387-hvcd8371-hnvf2fd9388-htv_firmwareib836b-hf3fd9371-\(e\)htvsd9362-ehfd9381-\(e\)htv_firmwarefd8369a-v_firmwareip9191-hp_firmwarefd9165-ht-aib9367-htfd8379-hv_firmwaresd9366-ehfd9391-ehtvfd8167a-s_firmwarefd836b-htv_firmwarefd9365-ehtv_firmwaresd9363-ehl_firmwarefd9187-ht_firmwareit9389-hmd8563-dehfd9368-htv_firmwarefd9380-hfd9189-hm_firmwarefd9365-ehtv-a_firmwarefe9391-ev_firmwareib9365-htib8382-et_firmwarefd9189-hfd8177-hfd9365-htvl_firmwarefd9389-hmvfd9389-ehmv_firmwarefd816ca-hf2cc8160\(hs\)_firmwareib9381-\(e\)htfd9167-htfd9365-htv-a_firmwareib836ba-hf3_firmwareib8377-htfe9391-evfd9366-hv_firmwareib9391-eht_firmwaresd9364-ehib9389-ehm_firmwarefd9367-htv\(epoc\)ib9365-ht-a_firmwarefd8182-t_firmwarefd9171-htit9388-ht_firmwarefd9365-htv-afd8382-etv_firmwareip9165-lpcib9389-ehmmd8563-ehib9387-h_firmwarefd836b-htvib9387-eht-afd8377-htv_firmwaresd9362-eh-v2_firmwarefe9191ib8382-f3fd8182-f2ib9387-ht-a_firmwarevc8101_firmwarefd8369a-vit9360-h_firmwarefd9360-hfd8179-hib9387-ht-afd8382-tvip8160_firmwareip8160-wfd9187-ht-ama9321-ehtv_firmwarefd816ba-ht_firmwareib8360ib8360-wfd836ba-hvf2fe9382-ehv_firmwarevs8100-v2_firmwarefe9182-h_firmwaremd9560-dhib8382-ef3fd8182-f1fe9182-hfd9166-hn_firmwaremd9560-hib9389-hib9387-hib8360-w_firmwaremd9561-h_firmwarefd8166a-n_firmwarecd8371-hntv_firmwarecc9381-hv_firmwareib836ba-ht_firmwaresd9362-ehlmd9561-hfd9365-htvsd9363-ehl-v2_firmwarefd8377-ehtv_firmwaremd8564-ehfd9391-ehtv_firmwarefd9387-ehv_firmwareip9165-hpip8166fd9367-hv_firmwareib836ba-htcc8160_firmwareib836b-hf3_firmwarefd9389-hv_firmwarefd8382-vf2_firmwareip9167-hp_firmwarefd9187-hip9191-hpib8360_firmwaretb9330-eib8382-rf3fe9382-ehvfd836b-ehvf2_firmwareit9360-hip9167-hpfd9365-htvlib9371-\(e\)htib8382-ef3_firmwareib8369afd9367-hvib9367-h_firmwarefd9181-ht_firmwarefe9191_firmwareib836b-ehf3_firmwarecd8371-hntvib8382-rf3_firmwareip9164-lpc_firmwareib8377-hfd816b-hf2md8565-n_firmwareip9171-hp_firmwareib8369a_firmwarefd8179-h_firmwarefd9187-ht-a_firmwarecc9381-hvsd9364-ehl-v2_firmwareib9389-ehtfd816b-hf2_firmwareib9371-\(e\)ht_firmwareip9164-htit9389-ht_firmwareib8367acc8160\(hs\)fd8382-tv_firmwareip8160cc8371-hvsd9364-eh-v2ib9389-h_firmwaresd9362-eh_firmwarems9321-ehvib836b-htib836ba-ehf3_firmwarefd8382-evf2fd836ba-ehvf2fd816c-hf2_firmwarefd9389-ehmviz9361-eh_firmwareib9387-eht_firmwareib9387-ehtfd9389-ehvib9360-h_firmwarefd9365-htv_firmwaresd9365-ehl_firmwarefd8177-htib8382-f3_firmwaresd9374-ehl\(x\)ib9367-ht_firmwarefd9388-htvfd9167-h_firmwarevc8101ib8382-rtip9165-lpc_firmwareib836b-ht_firmwareib836b-eht_firmwaresd9366-eh_firmwareib9368-htfe9180-h_firmwarefd9181-htfd9389-htvib9389-eht_firmwaresd9364-eh-v2_firmwarefd836ba-hvf2_firmwarefd9371-\(e\)htv_firmwareib8377-ht_firmwarefd9165-htfd8182-f2_firmwareip9167-htfd9167-hfd8167afd836b-hvf2ip9164-ht_firmwareib9367-ehtfd9368-htvfe9381-ehvib9387-ht_firmwarefd9171-ht_firmwarefd9387-ehtvfd816ba-hf2fd8182-f1_firmwarems9321-ehv_firmwareit9380-hfd9387-htv-afd8367a-v_firmwarefd836ba-ehtvfd9189-h_firmwaresd9361-ehl_firmwarefd8382-vf2ip9172-lpc_firmwarems9390-hvib836b-ehtib9387-ehfd9360-h_firmwareip9181-h_firmwarefd836ba-htvfd9387-ehtv-acc8370-hvfd9380-h_firmwareib9365-eht_firmwareib836b-hrf3_firmwarefd9366-hvib8382-t_firmwaresd9366-eh-v2_firmwaremd9560-h_firmwaremd9560-dh_firmwarefd9166-hnsd9374-ehl\(x\)_firmwareib8367a_firmwarefd9387-htv_firmwarecc8371-hv_firmwarema9322-ehtv_firmwareib9365-eht-a_firmwarefd9187-h_firmwarefd816ca-hf2_firmwarefd9167-ht_firmwareip9181-hfd8382-evf2_firmwaremd8564-eh_firmwaremd9581-h_firmwareip9191-htsd9366-eh-v2ip9167-ht_firmwarefd8177-h_firmwarefd816b-ht_firmwarefd8366-vip9165-htib836b-ehf3fd8166a-nfe9181-h_firmwareib9389-ehib9367-eh_firmwarefd836b-ehtv_firmwarefd9387-ehtv_firmwaretb9331-efd816ba-htsd9365-ehlfe9181-hfd836ba-htv_firmwarefd9389-ehv_firmwaresd9361-ehlib836b-hrf3ib9365-ht_firmwareip9164-lpcfd9165-ht_firmwareib9367-ehsd9362-eh-v2ib9391-ehtib9367-hfd8377-ehtvit9380-h_firmwareib8377-eht_firmwarefd8169a_firmwareib836ba-hf3fe8182fd836ba-ehvf2_firmwarefe9380-hv_firmwarefd8166aip9165-hp_firmwarefd9367-ehtvib9389-hm_firmwareib8377-ehtib9365-eht-aib8382-etcc8370-hv_firmwareip9172-lpcfd8169a-s_firmwareib9387-htib9365-ht-aip9191-ht_firmwarefe9380-hvfe9582-ehnv_firmwarefd9367-htv\(epoc\)_firmwaresd9364-ehl_firmwarefe8182_firmwaremd8563-deh_firmwarema9322-ehtvtb9331-e_firmwareit9389-h_firmwarefd816c-hf2fd9165-ht-a_firmwareib9380-h_firmwaresd9363-ehl-v2ib9365-ehtfd9381-\(e\)htvmd8565-nib836ba-ehtfd9367-htv_firmwareip8160-w_firmwarefd9189-hmfd8377-hvib9389-eh_firmwareib836ba-eht_firmwareip9165-lpc\(i-cs_kit\)ib8382-tfd9389-ehtv_firmwarefd8169aib9368-ht_firmwarefd8167a_firmwaresd9364-ehlcd8371-hnvf2_firmwareit9389-htsd9364-ehl-v2fd836b-ehvf2fd9367-htvfd8366-v_firmwareib9388-ht_firmwareip8166_firmwareip9171-hpib8377-h_firmwarefd816ba-hf2_firmwarefd836b-hvf2_firmwarefd816b-htmd9581-hmd8563-eh_firmwarefd9387-ehtv-a_firmwaresd9366-ehlfd8166a_firmwareip9165-ht_firmwarefd8182-tfd9365-ehtvms9390-hv_firmwarefe9381-ehv_firmwareip9165-lpc\(i-cs_kit\)_firmwarefd8377-htvfd9389-ehtvfd9189-ht_firmwareib9387-eh_firmwareit9388-htib9360-hfd8367a-vcc8160vs8100-v2sd9161-hfd9187-htfd9389-hvfd8169a-ssd9362-ehl_firmwareib9380-htb9330-e_firmwarefd8382-etvma9321-ehtvsd9363-ehlsd9364-eh_firmwarefd836b-ehtvib9389-htib836ba-ehf3ib9389-hmib9387-eht-a_firmwareiz9361-ehsd9366-ehl_firmwarefd8379-hvfd8377-hv_firmwarefd9389-hmv_firmwarefd9387-htv-a_firmwareib9367-eht_firmwarefd836ba-ehtv_firmwarefd9389-htv_firmwareib8379-h_firmwarefd9189-htsd9161-h_firmwarefd9365-ehtv-afd9387-hv_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11852
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-8.8||HIGH
EPSS-1.37% / 68.54%
||
7 Day CHG~0.00%
Published-07 Aug, 2020 | 15:53
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command.

Action-Not Available
Vendor-n/aMicro Focus International Limited
Product-secure_messaging_gatewaySecure Messaging Gateway ( SMG).
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-42364
Matching Score-4
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-4
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-9.9||CRITICAL
EPSS-1.61% / 72.94%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 00:41
Updated-15 Jun, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision LPC2011/LPC2211 Web Interface / DdnsSetting.cgi OS command injection vulnerability

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability.

Action-Not Available
Vendor-geovisionGeoVision Inc.
Product-gv-lpc2211_firmwaregv-lpc2211gv-lpc2011_firmwaregv-lpc2011GV-LPC2011/LPC2211
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-11978
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-8.8||HIGH
EPSS-99.12% / 99.93%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 00:00
Updated-23 Oct, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-18||Apply updates per vendor instructions.

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.

Action-Not Available
Vendor-The Apache Software Foundation
Product-airflowApache AirflowAirflow
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-12513
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-31.11% / 98.05%
||
7 Day CHG~0.00%
Published-22 Jan, 2021 | 19:01
Updated-16 Sep, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pepper+Fuchs Comtrol IO-Link Master OS Command Injection

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.

Action-Not Available
Vendor-pepperl-fuchsPepper+Fuchs
Product-io-link_master_dr-8-eip_firmwareio-link_master_dr-8-pnio-p_firmwareio-link_master_dr-8-pnio-tio-link_master_dr-8-eipio-link_master_dr-8-eip-t_firmwareio-link_master_4-eip_firmwareio-link_master_dr-8-eip-p_firmwareio-link_master_4-pnioio-link_master_8-pnio-lio-link_master_8-pnio-l_firmwareio-link_master_4-pnio_firmwareio-link_master_dr-8-pnio-t_firmwareio-link_master_4-eipio-link_master_8-eip-lio-link_master_8-pnio_firmwareio-link_master_8-eip_firmwareio-link_master_8-eip-l_firmwareio-link_master_dr-8-pnio-pio-link_master_dr-8-eip-pio-link_master_8-pnioio-link_master_8-eipio-link_master_dr-8-pnio_firmwareio-link_master_dr-8-eip-tio-link_master_dr-8-pnioComtrol IO-Link Master
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 24
  • 25
  • Next
Details not found