Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-11202

Summary
Assigner-zdi
Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e
Published At-29 Oct, 2025 | 19:36
Updated At-30 Oct, 2025 | 14:35
Rejected At-
Credits

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the resolveCommandPath method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-27787.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zdi
Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e
Published At:29 Oct, 2025 | 19:36
Updated At:30 Oct, 2025 | 14:35
Rejected At:
â–¼CVE Numbering Authority (CNA)
win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the resolveCommandPath method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-27787.

Affected Products
Vendor
win-cli-mcp-server
Product
win-cli-mcp-server
Default Status
unknown
Versions
Affected
  • 215f0cc4ed0c21ce028246c19ebfa32f5b3f7848
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zerodayinitiative.com/advisories/ZDI-25-930/
x_research-advisory
https://github.com/simon-ami/win-cli-mcp-server/commit/521b4a34190d03bde7d433d213c36357181a6d09
vendor-advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-25-930/
Resource:
x_research-advisory
Hyperlink: https://github.com/simon-ami/win-cli-mcp-server/commit/521b4a34190d03bde7d433d213c36357181a6d09
Resource:
vendor-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:zdi-disclosures@trendmicro.com
Published At:29 Oct, 2025 | 20:15
Updated At:30 Oct, 2025 | 15:03

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of win-cli-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the resolveCommandPath method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-27787.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Primaryzdi-disclosures@trendmicro.com
CWE ID: CWE-78
Type: Primary
Source: zdi-disclosures@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/simon-ami/win-cli-mcp-server/commit/521b4a34190d03bde7d433d213c36357181a6d09zdi-disclosures@trendmicro.com
N/A
https://www.zerodayinitiative.com/advisories/ZDI-25-930/zdi-disclosures@trendmicro.com
N/A
Hyperlink: https://github.com/simon-ami/win-cli-mcp-server/commit/521b4a34190d03bde7d433d213c36357181a6d09
Source: zdi-disclosures@trendmicro.com
Resource: N/A
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-25-930/
Source: zdi-disclosures@trendmicro.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

258Records found
CVE-2018-14699
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-69.47% / 98.63%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14701
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-50.21% / 97.79%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 59.18%
||
7 Day CHG~0.00%
Published-30 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.

Action-Not Available
Vendor-mystromn/a
Product-wifi_switch_firmwarewifi_switchn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-40222
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.62%
||
7 Day CHG~0.00%
Published-26 Jan, 2023 | 21:24
Updated-01 Apr, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.

Action-Not Available
Vendor-Siretta Ltd.
Product-quartz-gold_firmwarequartz-goldQUARTZ-GOLD
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.35% / 90.85%
||
7 Day CHG~0.00%
Published-07 Sep, 2018 | 22:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.

Action-Not Available
Vendor-konen/a
Product-group_controller_firmwaregroup_controllern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-63.86% / 98.41%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13307
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.52%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.52%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.76% / 93.24%
||
7 Day CHG~0.00%
Published-15 Jul, 2018 | 03:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

Action-Not Available
Vendor-n/aXiaomi
Product-xiaomi_r3d_firmwarexiaomi_r3dn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14417
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-71.13% / 98.69%
||
7 Day CHG~0.00%
Published-03 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.

Action-Not Available
Vendor-softnasn/a
Product-cloudn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13306
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.52%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13336
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.49% / 93.81%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.

Action-Not Available
Vendor-terra-mastern/a
Product-terramaster_operating_systemn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13338
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.49% / 93.81%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.

Action-Not Available
Vendor-terra-mastern/a
Product-terramaster_operating_systemn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14010
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.76% / 93.24%
||
7 Day CHG~0.00%
Published-15 Jul, 2018 | 03:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.

Action-Not Available
Vendor-n/aXiaomi
Product-xiaomi_r3d_firmwarexiaomi_r3pxiaomi_r3cxiaomi_r3c_firmwarexiaomi_r3xiaomi_r3p_firmwarexiaomi_r3dn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13311
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.48% / 90.94%
||
7 Day CHG~0.00%
Published-26 Nov, 2018 | 22:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14495
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-18.80% / 95.20%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 13:20
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance

Action-Not Available
Vendor-vivotekn/a
Product-fd8136_firmwarefd8136n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-14494
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.96% / 92.48%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 12:56
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardware or firmware

Action-Not Available
Vendor-vivotekn/a
Product-fd8136_firmwarefd8136n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13354
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-16.21% / 94.71%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.

Action-Not Available
Vendor-terra-mastern/a
Product-terramaster_operating_systemn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13797
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.29% / 93.43%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 12:00
Updated-16 Sep, 2024 | 23:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.

Action-Not Available
Vendor-node-macaddress_projectn/a
Product-node-macaddressn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-13316
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.30% / 94.52%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3002rua3002ru_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-12670
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.49% / 93.81%
||
7 Day CHG~0.00%
Published-19 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.

Action-Not Available
Vendor-sv3cn/a
Product-h.264_poe_ip_camera_firmwaresv-b11vpoe-1080p-lsv-b01poe-1080p-lsv-d02poe-1080p-ln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-12268
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-12.52% / 93.83%
||
7 Day CHG~0.00%
Published-13 Jun, 2018 | 11:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line.

Action-Not Available
Vendor-acccheck_projectn/a
Product-acccheck.pln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14100
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-36.95% / 97.09%
||
7 Day CHG+1.98%
Published-02 Sep, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection.

Action-Not Available
Vendor-n/aDigium, Inc.
Product-certified_asteriskasteriskn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-11510
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-89.36% / 99.54%
||
7 Day CHG~0.00%
Published-28 Jun, 2018 | 14:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.

Action-Not Available
Vendor-n/aASUSTOR Inc.
Product-admn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1144
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-29.11% / 96.50%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 13:00
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi.

Action-Not Available
Vendor-Belkin International, Inc.
Product-n750_firmwaren750N750 DB Wi-Fi Dual-Band N+ Gigabit Router (F9K1103)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-11215
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.06% / 86.54%
||
7 Day CHG~0.00%
Published-03 Jul, 2019 | 15:46
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors.

Action-Not Available
Vendor-clouderan/a
Product-data_science_workbenchn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-11229
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.66% / 87.72%
||
7 Day CHG~0.00%
Published-08 Jun, 2018 | 01:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).

Action-Not Available
Vendor-n/aCrestron Electronics, Inc.
Product-dmc-strtsw-760tsw-1060-nctsw-760-nctsw-560tsw-1060tsw-560-nccrestron_toolbox_protocol_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1143
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-33.60% / 96.86%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 13:00
Updated-17 Sep, 2024 | 04:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi.

Action-Not Available
Vendor-Belkin International, Inc.
Product-n750_firmwaren750N750 DB Wi-Fi Dual-Band N+ Gigabit Router (F9K1103)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1000885
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-24.22% / 95.99%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 20:00
Updated-16 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains a Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in function pgp_exec() phkp.php:98 that can result in It is possible to manipulate gpg-keys or execute commands remotely. This attack appear to be exploitable via HKP-Api: /pks/lookup?search.

Action-Not Available
Vendor-phkp_projectn/a
Product-phkpn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1000666
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.79% / 87.91%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 17:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification; that can result in Improper validation of parameters results in command execution. This attack appear to be exploitable via Network connectivity, required minimal auth privileges (everyone can register an account). This vulnerability appears to have been fixed in After commit 15443122ed2b1cbfd7bdefc048bf106f075becdb.

Action-Not Available
Vendor-gigopenvcloud_projectn/a
Product-jumpscaleopenvcloudn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-1000116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.49% / 85.11%
||
7 Day CHG-2.89%
Published-04 Oct, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

Action-Not Available
Vendor-mercurialn/aRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_desktopenterprise_linux_server_tusmercurialenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_ausn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-40504
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-91.20% / 99.65%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:11
Updated-18 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19953.

Action-Not Available
Vendor-LG Electronics Inc.
Product-Simple Editorsimple_editor
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-10660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-91.33% / 99.65%
||
7 Day CHG-0.86%
Published-26 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.

Action-Not Available
Vendor-axisn/a
Product-p1204_firmwarem1103m1145_firmwarep3915-r_firmwarep3343q1932-e_pt_mountq7411_firmwarexp40-q1942q8414-lvsp3363-veq8655-zle_firmwareq1604-e_firmwareq8685-leq8742-le_zoomp1357-e_firmwarem3105-lve_firmwarep1125-zp1425-le_firmwareq1635_firmwarem1013q7424-r_mk_ii_firmwareq1931-e_pt_mount_firmwareq7401_firmwarecompanion_c360c2005_firmwarep1214-ep5514-e_firmwarep1428-ep3228-lveq1775_firmwareq1604p1346-e_firmwarecompanion_eye_lp1405-em1124q1765-le_pt_mount_firmwarep1364q1647p1344-eq7401q3504-vp3114-zq6045-s_mk_iip3365-vm1033-w_firmwarep5515-eq1941-eq8685-exp60-q1765p1346-eq1602_firmwarep3215-ve_firmwareq6052q8642-e_firmwarem3104-lm3005-vq6045-s_mk_ii_firmwarep3354q1635-zq1614-eq1942-e_pt_mountq6054-e_firmwarem3203-v_firmwarep3301-v_firmwarep3225-v_mk_iip3364-lvp3705-zp1405-leq8721-e_firmwarea8004-v_firmwarep1354_firmwareq6044-em1125-em3106-l_mk_ii_firmwarem3007-pq6045_mk_ii_firmwarexp60-q1765_firmwarep3224-v_mk_iim1025_firmwarem3006-v_firmwarep1224-e_firmwarep1344p3224-lve_firmwareq6032-ea8105-ep1254q1602-ep1126-zlp1425-lep1353q1615-e_mk_ii_firmwareq6045-c_mk_iim1054p1343-ep1346_firmwareq3505-sve_mk_iim3204q1910-ep7216_firmwareq1755_firmwarem3105-l_firmwarep1425-le_mk_ii_firmwarep3707-pe_firmwareq6054_mk_ii_firmwarem3106-lve_mk_ii_firmwarep5532-eq1602q6042-cp3375-vea8105-e_firmwarecompanion_cube_lq1931-e_pt_mountp3225-lve_mk_iip3364-ve_firmwareq2901-e_firmwarep3375-ve_firmwarep1245q1755q3617-ve_firmwarem1054_firmwarep3364-vep5624-e_firmwarem3044-wvp5512-eq6115-e_firmwarep3374-v_firmwareq2901-e_pt_mountp8514_firmwarep3904-r_mk_ii_firmwarem3106-lve_mk_iip3301_firmwarep3344-vcompanion_dome_wvq6114-em1103_firmwarep3344-v_firmwareq3615-vem3114-r_firmwarep5512m1045-lw_firmwareq7414_bladep3224-v_mk_ii_firmwarep3343-vq6035q7436_bladem1125m3016a8004-vq1765-le_firmwareq3505-v_mk_iiq6054-e_mk_ii_firmwareq8741-ep3344-vep3363-v_firmwarep1405-le_mk_iiq6042companion_recorder_4chq8742-e_zoom_firmwarecompanion_bullet_le_firmwarem3046-vp1344-e_firmwarep3344_firmwareq1922q1615-e_firmwarep3374-lv_firmwarep1254_firmwareq1604_firmwareq1614-e_firmwarep3346-vq6055-cp5624-e_mk_iiq6055p3375-lv_firmwareq7436_blade_firmwarep3215-vv5915_firmwareq6042-c_firmwarep1405-le_mk_ii_firmwarem3045-vm3047-p_firmwarem1145m1113-e_firmwarep1355-e_firmwarea9161p3227-lveq6045_mk_iif34_main_unitp5512_firmwarem5065_firmwareq1615-e_mk_iim3044-vp3227-lv_firmwarep3343-ve_firmwarep3365-vecompanion_dome_v_firmwarem3048-p_firmwarep3375-lve_firmwarem3026-veq2901-e_pt_mount_firmwarem1144-lq8722-e_firmwarem5014-v_firmwarem5014q1765-le_pt_mountq8742-em3048-pm3204-v_firmwarep1357-em3106-lvep3905-req1605-zp1125-z_firmwareq6124-e_firmwarep3346p3215-veq6044q1932-eq3709-pved2050-ve_firmwareq3517-lvem1144-l_firmwarem3114-ve_firmwarep5515m2025-le_firmwareq8721-eq7424-rp1435-em3015_firmwarep3225-lv_mk_iixf40-q1765m3106-l_firmwareq6044-sq8631-ep3228-lvp3315-zlq7404_firmwarep1343-e_firmwarep5532xp40-q1765_firmwareq6045-e_firmwarep1343p1365-eq6000-exf60-q2901_firmwarev5914_firmwaref44_dual_audio_inputm3044-v_firmwarep1365-e_mk_iiq3708-pvep3363-ve_firmwarep1280p1353-e_firmwarep1265_firmwarem3106-lp1447-le_firmwarep1290p5532-e_firmwarep7224_blade_firmwareq6055-ecompanion_eye_lve_firmwareq8414-lvs_firmwareq1775-em5014_firmwarem1034-wp1354m2026-le_mk_ii_firmwarem7011_firmwareq6055-e_firmwarem3104-lvep3905-re_firmwareq6045-cxf40-q1765_firmwarep1347-em1114-e_firmwareq6055-c_firmwareq8742-e_firmwarem2014-e_firmwarep3224-lve_mk_iip5534m7016_firmwareq6042-e_firmwarec3003-e_firmwareq6055-sm3026-ve_firmwareq6128-e_firmwarep1405-le_firmwareq7406_bladep3227-lvp7214_firmwarep5534-ep5635-eq8722-eq6045-e_mk_ii_firmwarep3375-v_firmwarec3003-em3024-lveq1910-e_firmwarecompanion_eye_l_firmwarep3346-vep3915-rp1347_firmwarem5055q6044-cc8033p1365-e_firmwarep3314-zl_firmwarep8513_firmwareq3505-v_firmwarep3214-v_firmwarep3224-ve_mk_ii_firmwareq6054_mk_iip3114-z_firmwarem3045-wv_firmwarep5514_firmwareq1910_firmwarem3113-ve_firmwarep8524m3045-v_firmwarep1344_firmwareq6054_firmwarep3905-r_firmwarecompanion_dome_vq6054-eq8675-ze_firmwarep3344-ve_firmwarem1004-wq8741-le_firmwarep3706-z_firmwarev5915p1224-ep1365_firmwareq6044-s_firmwarep3304q6034_firmwareq3505-vecompanion_cube_l_firmwarem3007-pv_firmwarep3224-lv_firmwareq6032-cm3204-vp3364-lvep3705-z_firmwarem2014-ep3367-vep1275p1405-e_firmwaref44_main_unit_firmwareq3505-ve_firmwareq8632-e_firmwarem7010m3203p3125-z_firmwarep1264_firmwarep1365_mk_iip3228-lv_firmwareq1615-ep1448-leq6045_firmwarep1365q8742-le_firmwarem1125_firmwarem2026-le_mk_iim3114-rp3125-zq8742-le_zoom_firmwarem3037-pveq6044_firmwarem7011q6034-ep3374-lvp1427-e_firmwarep3115-z_firmwarep5635-zem1113_firmwarep3707-pep3314-zm3045-wvq3505-v_mk_ii_firmwarecompanion_cube_lw_firmwarep1435-lep5534-e_firmwarem1013_firmwareq1602-e_firmwareq6034-c_firmwarep1355-ep3225-ve_mk_iip5415-e_firmwarep1325-zq1922-eq6042-ep3364-lv_firmwarep3224-lveq6055_firmwarem3105-lp5515-e_firmwareq1605-z_firmwareq7414_blade_firmwarep3904-r_mk_iip1126-z_firmwareq8675-zeq6052-ecompanion_recorder_4ch_firmwarep1214p3301m3105-lveq1922-e_firmwarep3214-ve_firmwarep5515_firmwarexf40-q2901xf40-q2901_firmwarea9188f41_main_unit_firmwareq6044-c_firmwarep1364-eq1645p3384-ve_firmwarem1104q6054-e_mk_iip3706-zp5635-e_mk_ii_firmwarep3363-vq6035-e_firmwarep5522_firmwareq3615-ve_firmwarep1425-le_mk_iiq6032q7424-r_firmwareq8665-e_firmwareq6032_firmwarep1126-zl_firmwarem1065-lp1214-e_firmwarep1427-le_firmwarep5544_firmwarep3905-r_mk_ii_firmwarem2026-lep3374-vd201-s_xpt_q6055_firmwarem3027-pvep3315-zm3007-p_firmwarem5065m1143-l_firmwareq2901-ef44_main_unitq8741-lep3384-vq3505-vq6032-c_firmwarep3343-veq6125-le_firmwarep3904-r_firmwarep5635-e_firmwarep3367-ve_firmwareq1931-eq8665-lecompanion_bullet_lep1427-lep1126-zq1942-e_firmwareq1635-ep3375-lvep1427-ea9188-v_firmwarep3225-lv_firmwarep3905-r_mk_iiq6035-em3024-lve_firmwarep3114-i_firmwareq6000-e_mk_iip1357q6042-s_firmwareq8742-e_zoomm1125-e_firmwarep1353-ep3364-v_firmwarep1428-e_firmwarep5635-e_mk_iiq3517-lvq8641-ep3365-ve_firmwarep5544q1615_firmwareq1932-e_pt_mount_firmwarem1113-em3203_firmwarec1004-ep5414-ep5522q1635q6032-e_firmwareq3504-ve_firmwareq8685-le_firmwarem1025q7406_blade_firmwareq6045-c_firmwarem3016_firmwareq1614m1113companion_eye_lveq1615m2025-lep1354-e_firmwarep3214-vem1124_firmwarep3115-i_firmwarem3113-rq1921-e_firmwarem1034-w_firmwarep1347p1264q6044-e_firmwarem1033-wq1604-ep1365-e_mk_ii_firmwarep3346-ve_firmwarep3375-lvq1659p3228-lve_firmwareq1775p1325-z_firmwarep1448-le_firmwarec1004-e_firmwarem3044-wv_firmwareq1645_firmwarep3314-zlq6035-cp3225-ve_mk_ii_firmwarep7224_bladem1114a9188-vq1635-z_firmwareq6035-c_firmwareq3505-ve_mk_ii_firmwarep1347-e_firmwaref41_main_unitm3046-v_1.8mmm3203-vp1280_firmwarem3046-v_firmwareq6128-eq8665-eq1941-e_pt_mountm3046-v_1.8mm_firmwareq8741-e_firmwarev5914f34_main_unit_firmwarep5522-em3106-l_mk_iip5414-e_firmwarep1367_firmwarep1245_firmwarep3367-v_firmwareq1941-e_firmwarep1357_firmwarep5415-eq3515-lvp8513m1114-eq1922_firmwarep3225-lve_mk_ii_firmwarep3224-lvp1265q3504-v_firmwarem1104_firmwarefa54_main_unit_firmwarep3301-vxf60-q2901q6045-sm3014_firmwarep3353_firmwarep1244_firmwarem3027-pve_firmwarem5013q1615_mk_iim3014d201-s_xpt_q6055p5635-ze_firmwareq7424-r_mk_iip3384-veq6045-e_mk_iiq8641-e_firmwarem3005-v_firmwareq8631-e_firmwarem3114-vep1354-ep3224-lve_mk_ii_firmwarep3315-z_firmwareq3709-pve_firmwarep5624-e_mk_ii_firmwareq3505-ve_mk_iim1145-l_firmwarec2005p3224-lv_mk_ii_firmwareq6045-s_firmwarep5514p3904-rq1615_mk_ii_firmwarem1004-w_firmwarem5525-e_firmwarep3225-lv_mk_ii_firmwareq3505-sve_mk_ii_firmwareq6115-eq1755-e_firmwareq6052-e_firmwarep3225-lveq1921p1214_firmwarecompanion_recorder_8ch_firmwarem5054p3115-zp8524_firmwarem5013-vm1143-lm7010_firmwarem1145-lp5624-ep3915-r_mk_ii_firmwarem7014_firmwareq1921_firmwareq1921-em3007-pvm3104-lve_firmwareq6124-ep3375-vxp40-q1765m1045-lwp3215-v_firmwarep3225-v_mk_ii_firmwarep1343_firmwareq1910q6045-ecompanion_recorder_8chm3047-pm3104-l_firmwarep1355p3915-r_mk_iip5512-e_firmwarem5055_firmwareq6042-scompanion_cube_lwm3004-vp1435-le_firmwaref44_dual_audio_input_firmwarem5525-ep3224-ve_mk_iip1367-eq6045-c_mk_ii_firmwareq1635-e_firmwareq1931-e_firmwareq3517-lve_firmwarep3346-v_firmwarea1001q6042_firmwareq6000-e_mk_ii_firmwarep1364-e_firmwarea1001_firmwarep3353q3504-veq3515-lv_firmwareq1775-e_firmwarep1368-ep7210_firmwareq8742-lem5054_firmwarep7210p1367companion_c360_firmwareq6155-e_firmwarem3004-v_firmwareq6034-cq3515-lvefa54_main_unitm5013_firmwareq3617-veq6125-lep3343_firmwarep3364-vq6034m2026-le_firmwareq8642-em3113-r_firmwareq6155-ep3905-rm1065-lwm3015p1365_mk_ii_firmwarep1447-lep3115-iq1942-e_pt_mount_firmwareq7404m3204_firmwarep1353_firmwarep1125-zl_firmwarem3106-lve_firmwarep1290_firmwarem3037-pve_firmwarep3365-v_firmwarep1244p5522-e_firmwareq3517-lv_firmwareq8655-zlep3314-z_firmwarep5514-em1014_firmwarep3384-v_firmwareq1614_firmwarep7216m7016q6035_firmwarecompanion_dome_wv_firmwarem5013-v_firmwarep3364-lve_firmwareq1932-e_firmwarem3025-ve_firmwarep7214q1647_firmwarexp40-q1942_firmwarep1368-e_firmwarem1065-l_firmwarep8514m3113-vep3304-vp1367-e_firmwarep3354_firmwarem1124-e_firmwareq1941-e_pt_mount_firmwareq6114-e_firmwarec8033_firmwarem1065-lw_firmwarep1435-e_firmwareq6034-e_firmwareq1942-ep3214-vp3225-lve_firmwarep1125-zlq8685-e_firmwarep1346p3343-v_firmwareq8632-eq6045p3227-lve_firmwareq3708-pve_firmwarep1275_firmwarem3025-vep1425-e_firmwareq6052_firmwareq6055-s_firmwarep3224-lv_mk_iip3304_firmwareq6054m1114_firmwareq1765-leq7411p3114-id2050-veq1659_firmwarep1425-em5014-vq1755-em3006-vp3225-lvq6000-e_firmwarep1364_firmwarep3304-v_firmwarem1014a9161_firmwarem1124-ep5532_firmwareq8665-le_firmwarem7014p3367-vp1204p5534_firmwarep3344p1355_firmwareq3515-lve_firmwarea9188_firmwarep3346_firmwarep3315-zl_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0545
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.66% / 85.58%
||
7 Day CHG~0.00%
Published-09 Apr, 2018 | 13:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-lxr_projectLXR Project
Product-lxrLXR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0506
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.60% / 81.51%
||
7 Day CHG~0.00%
Published-26 Jan, 2018 | 16:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-nootka_projectSeeLook
Product-nootkaNootka
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0514
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.11% / 83.88%
||
7 Day CHG~0.00%
Published-08 Feb, 2018 | 14:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-futomifutomi Co., Ltd.
Product-mp_form_mail_cgiMP Form Mail CGI eCommerce Edition
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1000042
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.19% / 84.17%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 23:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the data or obj parameters, used in autocat(). This vulnerability appears to have been fixed in 1.7.0.

Action-Not Available
Vendor-securityonionn/a
Product-squertn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0539
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 66.16%
||
7 Day CHG~0.00%
Published-22 Mar, 2018 | 13:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-qqq_systems_projectGundam Cult QQQ
Product-qqq_systemsQQQ SYSTEMS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0694
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.89% / 86.14%
||
7 Day CHG~0.00%
Published-15 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Action-Not Available
Vendor-solitonSoliton Systems K.K.
Product-filezenFileZen
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1000043
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.19% / 84.17%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 23:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the txdata parameter, used in tx()/transcript(), or the catdata parameter, used in cat(). This vulnerability appears to have been fixed in 1.7.0.

Action-Not Available
Vendor-securityonionn/a
Product-squertn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-16608
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-9.8||CRITICAL
EPSS-13.50% / 94.11%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 01:00
Updated-05 Aug, 2024 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4749.

Action-Not Available
Vendor-netgain-systemsNetGain Systems
Product-enterprise_managerNetGain Systems Enterprise Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2017-16042
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 57.09%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 19:00
Updated-16 Sep, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.

Action-Not Available
Vendor-growl_projectHackerOne
Product-growlgrowl node module
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-15226
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.51% / 91.68%
||
7 Day CHG~0.00%
Published-10 Oct, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nbg6716nbg6716_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14479
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-8.86% / 92.43%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 20:00
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.

Action-Not Available
Vendor-mysql-mmmTalos (Cisco Systems, Inc.)
Product-mysql_multi-master_replication_managerMySql MMM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14127
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.51% / 94.11%
||
7 Day CHG~0.00%
Published-04 Sep, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi.

Action-Not Available
Vendor-technicolorn/a
Product-td5336_firmwaretd5336n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14459
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-19.80% / 95.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 16:00
Updated-16 Sep, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username parameter of several services (SSH, Telnet, console), resulting in remote, unauthenticated, root-level operating system command execution.

Action-Not Available
Vendor-Moxa Inc.Talos (Cisco Systems, Inc.)
Product-awk-3131aawk-3131a_firmwareMoxa
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14474
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-8.86% / 92.43%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 20:00
Updated-16 Sep, 2024 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.

Action-Not Available
Vendor-mysql-mmmTalos (Cisco Systems, Inc.)
Product-mysql_multi-master_replication_managerMySql MMM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14481
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-7.45% / 91.64%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 20:00
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.

Action-Not Available
Vendor-mysql-mmmTalos (Cisco Systems, Inc.)
Product-mysql_multi-master_replication_managerMySql MMM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14476
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-8.86% / 92.43%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 20:00
Updated-17 Sep, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.

Action-Not Available
Vendor-mysql-mmmTalos (Cisco Systems, Inc.)
Product-mysql_multi-master_replication_managerMySql MMM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-14478
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.8||CRITICAL
EPSS-8.86% / 92.43%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 20:00
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.

Action-Not Available
Vendor-mysql-mmmTalos (Cisco Systems, Inc.)
Product-mysql_multi-master_replication_managerMySql MMM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found