Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-9139

Summary
Assigner-Moxa
Assigner Org ID-2e0a0ee2-d866-482a-9f5e-ac03d156dbaa
Published At-14 Oct, 2024 | 08:20
Updated At-06 Nov, 2024 | 20:47
Rejected At-
Credits

OS Command Injection in Restricted Command

The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Moxa
Assigner Org ID:2e0a0ee2-d866-482a-9f5e-ac03d156dbaa
Published At:14 Oct, 2024 | 08:20
Updated At:06 Nov, 2024 | 20:47
Rejected At:
▼CVE Numbering Authority (CNA)
OS Command Injection in Restricted Command

The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

Affected Products
Vendor
Moxa Inc.Moxa
Product
EDR-8010 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.Moxa
Product
EDR-G9004 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.Moxa
Product
EDR-G9010 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.Moxa
Product
EDF-G1002-BP Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.Moxa
Product
NAT-102 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 1.0.5 (custom)
Vendor
Moxa Inc.Moxa
Product
OnCell G4302-LTE4 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.9 (custom)
Vendor
Moxa Inc.Moxa
Product
TN-4900 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 3.6 (custom)
Vendor
Moxa Inc.Moxa
Product
EDR-810 Series
Default Status
unaffected
Versions
Affected
  • From 1.0 through 5.12.33 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
4.08.6HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-88CAPEC-88 OS Command Injection
CAPEC ID: CAPEC-88
Description: CAPEC-88 OS Command Injection
Solutions

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for the affected products are shown below. * EDR-8010 Series: Upgrade to the firmware version 3.13 or later version. * EDR-G9004 Series: Upgrade to the firmware version 3.13 or later version. * EDR-G9010 Series: Upgrade to the firmware version 3.13 or later version. * EDF-G1002-BP Series: Upgrade to the firmware version 3.13 or later version. * NAT-102 Series: Please contact Moxa Technical Support for the security patch. * OnCell G4302-LTE4 Series: Upgrade to the firmware version 3.13 or later version. * TN-4900 Series: Upgrade to the firmware version 3.13 or later version. * EDR-810 Series: Upgrade to the firmware version 5.12.37 or later version.

Configurations

Workarounds

* Minimize network exposure to ensure the device is not accessible from the Internet. * Limit web access to trusted IP addresses and networks by using firewall rules or TCP wrappers. * Implement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks.

Exploits

Credits

finder
Lars Haulin
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances
vendor-advisory
Hyperlink: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Moxa Inc.moxa
Product
edr-8010_firmware
CPEs
  • cpe:2.3:o:moxa:edr-8010_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.moxa
Product
edr-g9004_firmware
CPEs
  • cpe:2.3:o:moxa:edr-g9004_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.moxa
Product
edr-g9010_firmware
CPEs
  • cpe:2.3:o:moxa:edr-g9010_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.moxa
Product
edf-g1002-bp_firmware
CPEs
  • cpe:2.3:o:moxa:edf-g1002-bp_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.12.1 (custom)
Vendor
Moxa Inc.moxa
Product
nat-102_firmware
CPEs
  • cpe:2.3:o:moxa:nat-102_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 1.0.5 (custom)
Vendor
Moxa Inc.moxa
Product
oncell_g4302-lte4_firmware
CPEs
  • cpe:2.3:o:moxa:oncell_g4302-lte4_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.9 (custom)
Vendor
Moxa Inc.moxa
Product
tn-4900_firmware
CPEs
  • cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 3.6 (custom)
Vendor
Moxa Inc.moxa
Product
edr-810_firmware
CPEs
  • cpe:2.3:o:moxa:edr-810_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1.0 through 5.12.33 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@moxa.com
Published At:14 Oct, 2024 | 09:15
Updated At:15 Apr, 2026 | 00:35

The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.6HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-78Secondarypsirt@moxa.com
CWE ID: CWE-78
Type: Secondary
Source: psirt@moxa.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliancespsirt@moxa.com
N/A
Hyperlink: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances
Source: psirt@moxa.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

776Records found

CVE-2026-9717
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8.6||HIGH
EPSS-1.19% / 64.20%
||
7 Day CHG+0.19%
Published-25 Jun, 2026 | 15:05
Updated-25 Jun, 2026 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-78 Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts with a vulnerable network-exposed service.

Action-Not Available
Vendor-Schneider Electric SE
Product-PowerLogic™ P7
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34883
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.22% / 65.00%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 06:30
Updated-25 Feb, 2026 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection Vulnerability in RAID Manager Storage Replication Adapter

OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior to 02.05.01 on Windows and Docker.

Action-Not Available
Vendor-Microsoft CorporationDocker, Inc.Hitachi, Ltd.
Product-raid_manager_storage_replication_adapterdockerwindowsRAID Manager Storage Replication Adapter
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-32752
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-1.36% / 68.40%
||
7 Day CHG~0.00%
Published-15 Jun, 2023 | 02:57
Updated-12 Dec, 2024 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Directory Suite VA command execution

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.

Action-Not Available
Vendor-IBM Corporation
Product-security_directory_suite_vaSecurity Directory Suite VA
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-50194
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-2.60% / 83.49%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 15:16
Updated-03 Mar, 2026 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chamilo: OS Command Injection in /main/cron/lang/check_parse_lang.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. This issue has been patched in version 1.11.30.

Action-Not Available
Vendor-chamilochamilo
Product-chamilo_lmschamilo-lms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-50193
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-2.60% / 83.48%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 15:16
Updated-03 Mar, 2026 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chamilo: OS command Injection in /plugin/vchamilo/views/import.php with the POST to_main_database parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. This issue has been patched in version 1.11.30.

Action-Not Available
Vendor-chamilochamilo
Product-chamilo_lmschamilo-lms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-50196
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-2.75% / 84.40%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 15:17
Updated-03 Mar, 2026 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chamilo: OS Command Injection in /plugin/vchamilo/views/editinstance.php via POST main_database parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. This issue has been patched in version 1.11.30.

Action-Not Available
Vendor-chamilochamilo
Product-chamilo_lmschamilo-lms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-49815
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-1.10% / 61.55%
||
7 Day CHG~0.00%
Published-03 Jul, 2026 | 14:09
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to execution of arbitrary OS commands.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-10028
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.94% / 56.49%
||
7 Day CHG~0.00%
Published-05 Aug, 2025 | 20:04
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netwin SurgeFTP <= v23c8 Authenticated RCE

Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to `surgeftpmgr.cgi`. This can lead to full remote code execution on the underlying system.

Action-Not Available
Vendor-Netwin
Product-SurgeFTP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-49813
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.6||MEDIUM
EPSS-1.12% / 62.29%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 18:59
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiadcFortiADC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2012-10029
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-2.58% / 83.31%
||
7 Day CHG~0.00%
Published-05 Aug, 2025 | 20:03
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution.

Action-Not Available
Vendor-Nagios Enterprises, LLC
Product-Nagios XI Graph Explorer
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5315
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-2.25% / 80.76%
||
7 Day CHG~0.00%
Published-13 Sep, 2019 | 16:53
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. This vulnerability only affects ArubaOS 8.x.

Action-Not Available
Vendor-n/aAruba Networks
Product-arubaosAruba Mobility Controllers
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8272
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-5.59% / 91.95%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 04:15
Updated-12 May, 2026 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-320 webfile_mgr.cgi chown os command injection

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile_mgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320dns-320_firmwareDNS-320
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-29061
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-7.2||HIGH
EPSS-1.55% / 72.00%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 06:55
Updated-25 Oct, 2024 | 13:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisoarFortinet FortiSOAR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8273
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.54% / 90.42%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 04:30
Updated-11 May, 2026 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-320 system_mgr.cgi cgi_merge_user os command injection

A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi_set_host/cgi_set_ntp/cgi_fan_control/cgi_merge_user of the file /cgi-bin/system_mgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320dns-320_firmwareDNS-320
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8259
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.45% / 90.25%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 01:00
Updated-11 May, 2026 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 httpd telnet os command injection

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareAC6
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8051
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.2||HIGH
EPSS-1.91% / 77.34%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 14:24
Updated-15 May, 2026 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-virtual_traffic_managerVirtual Traffic Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-7461
Matching Score-4
Assigner-Amazon
ShareView Details
Matching Score-4
Assigner-Amazon
CVSS Score-7.5||HIGH
EPSS-0.55% / 41.85%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 18:35
Updated-05 May, 2026 | 02:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a specially crafted username field in an ECS task definition. This issue requires permissions to register ECS task definitions or write to the Secrets Manager or SSM Parameter Store credentials used by the FSx volume configuration. To remediate this issue, users should upgrade to version 1.103.0.

Action-Not Available
Vendor-amazonAWS
Product-amazon_ecs_container_agentAmazon ECS Agent
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-47856
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-7.2||HIGH
EPSS-1.36% / 68.32%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 13:42
Updated-16 Oct, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiVoice version 7.2.0, 7.0.0 through 7.0.6 and before 6.4.10 allows a privileged attacker to execute arbitrary code or commands via crafted HTTP/HTTPS or CLI requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortivoiceFortiVoice
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8265
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.41% / 90.16%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 02:30
Updated-11 May, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 httpd getLogFile get_log_file os command injection

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareAC6
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-46645
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-1.41% / 69.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 16:14
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS 2024PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-47212
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-1.36% / 68.47%
||
7 Day CHG-0.02%
Published-03 Oct, 2025 | 18:10
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qtsquts_heroQuTS heroQTS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-27616
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-7.2||HIGH
EPSS-1.57% / 72.41%
||
7 Day CHG~0.00%
Published-03 Aug, 2022 | 02:10
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-diskstation_managerDiskStation Manager (DSM)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-6992
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-6.06% / 92.51%
||
7 Day CHG~0.00%
Published-25 Apr, 2026 | 18:00
Updated-30 Apr, 2026 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Linksys Holdings, Inc.
Product-mr9600_firmwaremr9600MR9600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-27483
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-7.2||HIGH
EPSS-2.12% / 79.59%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 16:40
Updated-25 Oct, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 through 7.0.3, version 6.4.0 through 6.4.7, 6.2.x and 6.0.x allows attacker to execute arbitrary shell code as `root` user via `diagnose system` CLI commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortimanagerFortinet FortiManager, FortiAnalyzer
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-27489
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-7||HIGH
EPSS-1.47% / 70.67%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiextender_firmwarefortiextenderFortiExtender
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-6483
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-14.13% / 96.13%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 10:30
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2026.04.16 is able to resolve this issue. Upgrading the affected component is recommended.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-WL-WN530H4
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-6204
Matching Score-4
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
ShareView Details
Matching Score-4
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
CVSS Score-8.5||HIGH
EPSS-7.53% / 93.77%
||
7 Day CHG~0.00%
Published-13 Apr, 2026 | 10:56
Updated-22 Apr, 2026 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.

Action-Not Available
Vendor-LibreNMS
Product-librenmslibrenms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-43941
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.72% / 49.41%
||
7 Day CHG~0.00%
Published-30 Oct, 2025 | 13:57
Updated-26 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This vulnerability only affects systems without a valid license install.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-5844
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-5.08% / 91.30%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 04:45
Updated-30 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-882_firmwaredir-882DIR-882
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-27224
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-4.48% / 90.30%
||
7 Day CHG+0.05%
Published-09 May, 2022 | 14:29
Updated-22 May, 2026 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). NOTE: this is disputed by the Supplier because the affected components were never shipped in a production release (they were only present in development releases), and because no privilege boundary is crossed (an applicable "authenticated attacker" always also has the supported ability to make an SSH connection as root).

Action-Not Available
Vendor-galsysn/a
Product-nts-6002-gps_firmwarents-6002-gpsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-56808
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.6||HIGH
EPSS-1.55% / 72.09%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 06:00
Updated-30 Jun, 2026 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who can log in to the web management console of the affected product.

Action-Not Available
Vendor-AVTECH Security Corporation
Product-DGM3103SCT
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-26482
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-22.34% / 97.40%
||
7 Day CHG~0.00%
Published-17 Jul, 2022 | 22:04
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.

Action-Not Available
Vendor-polyn/a
Product-eagleeye_director_ii_firmwareeagleeye_director_iin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41279
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.6||HIGH
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:59
Updated-01 Jun, 2026 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating system commands on the WF-500 RX Host.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41385
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.1||HIGH
EPSS-1.24% / 65.56%
||
7 Day CHG~0.00%
Published-30 May, 2025 | 06:35
Updated-04 Jun, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user.

Action-Not Available
Vendor-uchidaUCHIDA YOKO CO., LTD.
Product-wivia_5wivia_5_firmwarewivia 5
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41674
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.2||HIGH
EPSS-0.59% / 44.10%
||
7 Day CHG~0.00%
Published-21 Jul, 2025 | 09:29
Updated-06 Nov, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Command Injection in diagnostic Action Due to Improper Input Neutralization

A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.

Action-Not Available
Vendor-mbconnectlineHelmholzMB connect line
Product-mbnet.minimbnet.mini_firmwarembNET.miniREX 100
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41265
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.6||HIGH
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:41
Updated-01 Jun, 2026 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating system commands on the WF-500 TX Host.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-53478
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-1.22% / 64.91%
||
7 Day CHG~0.00%
Published-03 Jul, 2026 | 14:03
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41266
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.6||HIGH
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:48
Updated-01 Jun, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating system commands on the WF-500 TX Host.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41673
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.2||HIGH
EPSS-0.59% / 44.10%
||
7 Day CHG~0.00%
Published-21 Jul, 2025 | 09:29
Updated-06 Nov, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Command Injection in send_sms Action Due to Improper Input Neutralization

A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.

Action-Not Available
Vendor-mbconnectlineHelmholzMB connect line
Product-mbnet.minimbnet.mini_firmwarembNET.miniREX 100
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41267
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.5||HIGH
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:48
Updated-01 Jun, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating system commands on the WF-500 TX Host.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-15978
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-37.46% / 98.34%
||
7 Day CHG~0.00%
Published-06 Jan, 2020 | 07:45
Updated-15 Nov, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Data Center Network Manager Command Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-data_center_network_managerCisco Data Center Network Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-39240
Matching Score-4
Assigner-Hangzhou Hikvision Digital Technology Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Hangzhou Hikvision Digital Technology Co., Ltd.
CVSS Score-7.2||HIGH
EPSS-1.14% / 62.63%
||
7 Day CHG~0.00%
Published-13 Jun, 2025 | 07:10
Updated-17 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

Action-Not Available
Vendor-HIKVISION
Product-DS-3WAP622E-SIDS-3WAP521-SIDS-3WAP522-SIDS-3WAP622G-SIDS-3WAP621E-SIDS-3WAP623E-SI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-26007
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.1||CRITICAL
EPSS-5.30% / 91.59%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 17:01
Updated-15 Apr, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS command injection vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-InHand Networks, Inc.
Product-ir302_firmwareir302InRouter302
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-3816
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-5.88% / 92.33%
||
7 Day CHG~0.00%
Published-19 Apr, 2025 | 18:00
Updated-01 Oct, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
westboy CicadasCMS Scheduled Task save os command injection

A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-westboywestboy
Product-cicadascmsCicadasCMS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-51661
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.1||CRITICAL
EPSS-1.09% / 61.24%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 11:06
Updated-11 May, 2026 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Media Library Assistant plugin <= 3.19 - Remote Code Execution (RCE) vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Command Injection.This issue affects Media LIbrary Assistant: from n/a through <= 3.19.

Action-Not Available
Vendor-davidlingrenDavid Lingrendavidlingren
Product-media_library_assistantMedia LIbrary Assistantmedia_library_assistant
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-34239
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-1.77% / 75.38%
||
7 Day CHG+0.15%
Published-06 Nov, 2025 | 19:44
Updated-04 Dec, 2025 | 21:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute arbitrary commands as the web server user (www-data) by supplying a crafted uploaded filename.

Action-Not Available
Vendor-Advantech (Advantech Co., Ltd.)
Product-webaccess\/vpnWebAccess/VPN
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-36143
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.32% / 23.35%
||
7 Day CHG~0.00%
Published-18 Sep, 2025 | 15:14
Updated-25 Sep, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM watsonx.data command execution

IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user supplied input.

Action-Not Available
Vendor-IBM Corporation
Product-watsonx.datawatsonx.data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-53876
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.6||HIGH
EPSS-1.79% / 75.64%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 04:56
Updated-17 Jun, 2026 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who logs in to the web console as an administrator.

Action-Not Available
Vendor-Micro-Star International Co., Ltd.
Product-RadiX AX6600 WiFi 6 Tri-Band Gaming Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-34280
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-1.30% / 67.00%
||
7 Day CHG~0.00%
Published-30 Oct, 2025 | 21:27
Updated-17 Nov, 2025 | 21:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certificate Removal Function

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in the context of the web application service, resulting in remote code execution with the service's privileges.

Action-Not Available
Vendor-Nagios Enterprises, LLC
Product-network_analyzerNetwork Analyzer
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-55975
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.6||HIGH
EPSS-0.65% / 46.78%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 22:58
Updated-29 Jun, 2026 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
H.VIEW HV-500S6 IP Camera OS Command Injection

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

Action-Not Available
Vendor-H.VIEW
Product-HV-500S6 IP Camera
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 15
  • 16
  • Next
Details not found