Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-27106

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-21 Feb, 2025 | 21:18
Updated At-22 Feb, 2025 | 15:40
Rejected At-
Credits

Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the `/restore` endpoint. The restore endpoint of binance-trading-bot is vulnerable to command injection via the `/restore` endpoint. The name of the uploaded file is passed to shell.exec without sanitization other than path normalization, resulting in Remote Code Execution. This may allow any authorized user to execute code in the context of the host machine. This issue has been addressed in version 0.0.100 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:21 Feb, 2025 | 21:18
Updated At:22 Feb, 2025 | 15:40
Rejected At:
▼CVE Numbering Authority (CNA)
Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the `/restore` endpoint. The restore endpoint of binance-trading-bot is vulnerable to command injection via the `/restore` endpoint. The name of the uploaded file is passed to shell.exec without sanitization other than path normalization, resulting in Remote Code Execution. This may allow any authorized user to execute code in the context of the host machine. This issue has been addressed in version 0.0.100 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected Products
Vendor
chrisleekr
Product
binance-trading-bot
Versions
Affected
  • < 0.0.100
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
4.07.7HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/chrisleekr/binance-trading-bot/security/advisories/GHSA-wq6j-4388-4gg5
x_refsource_CONFIRM
https://github.com/chrisleekr/binance-trading-bot/commit/99d464cf8ef858d441189993054ec5f5f86e6213
x_refsource_MISC
https://github.com/chrisleekr/binance-trading-bot/blob/dd8e1a91b872a48aec47bbe1280c1c6ea96784d9/app/frontend/webserver/handlers/restore-post.js#L14
x_refsource_MISC
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/security/advisories/GHSA-wq6j-4388-4gg5
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/commit/99d464cf8ef858d441189993054ec5f5f86e6213
Resource:
x_refsource_MISC
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/blob/dd8e1a91b872a48aec47bbe1280c1c6ea96784d9/app/frontend/webserver/handlers/restore-post.js#L14
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:21 Feb, 2025 | 22:15
Updated At:15 Apr, 2026 | 00:35

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the `/restore` endpoint. The restore endpoint of binance-trading-bot is vulnerable to command injection via the `/restore` endpoint. The name of the uploaded file is passed to shell.exec without sanitization other than path normalization, resulting in Remote Code Execution. This may allow any authorized user to execute code in the context of the host machine. This issue has been addressed in version 0.0.100 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.7HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-78Secondarysecurity-advisories@github.com
CWE ID: CWE-78
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/chrisleekr/binance-trading-bot/blob/dd8e1a91b872a48aec47bbe1280c1c6ea96784d9/app/frontend/webserver/handlers/restore-post.js#L14security-advisories@github.com
N/A
https://github.com/chrisleekr/binance-trading-bot/commit/99d464cf8ef858d441189993054ec5f5f86e6213security-advisories@github.com
N/A
https://github.com/chrisleekr/binance-trading-bot/security/advisories/GHSA-wq6j-4388-4gg5security-advisories@github.com
N/A
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/blob/dd8e1a91b872a48aec47bbe1280c1c6ea96784d9/app/frontend/webserver/handlers/restore-post.js#L14
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/commit/99d464cf8ef858d441189993054ec5f5f86e6213
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/chrisleekr/binance-trading-bot/security/advisories/GHSA-wq6j-4388-4gg5
Source: security-advisories@github.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1072Records found

CVE-2020-8654
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-91.91% / 99.71%
||
7 Day CHG~0.00%
Published-06 Feb, 2020 | 23:55
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.

Action-Not Available
Vendor-eyesofnetworkn/a
Product-eyesofnetworkn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-44606
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-2.23% / 84.94%
||
7 Day CHG~0.00%
Published-07 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Action-Not Available
Vendor-unimoUNIMO Technology Co., Ltd
Product-udr-ja1616udr-ja1604udr-ja1608_firmwareudr-ja1604_firmwareudr-ja1616_firmwareudr-ja1608UDR-JA1604/UDR-JA1608/UDR-JA1616
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-2605
Matching Score-4
Assigner-Honeywell International Inc.
ShareView Details
Matching Score-4
Assigner-Honeywell International Inc.
CVSS Score-9.9||CRITICAL
EPSS-1.91% / 83.72%
||
7 Day CHG+1.09%
Published-02 May, 2025 | 12:39
Updated-17 May, 2025 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated command injection

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.

Action-Not Available
Vendor-Honeywell International Inc.
Product-mb-securemb-secure_pro_firmwaremb-secure_firmwaremb-secure_proMB-Secure
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-24351
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-8.8||HIGH
EPSS-0.44% / 63.69%
||
7 Day CHG-0.07%
Published-30 Apr, 2025 | 11:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.

Action-Not Available
Vendor-Bosch Rexroth AG
Product-ctrlX OS - Device Admin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-7237
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-42.97% / 97.58%
||
7 Day CHG~0.00%
Published-20 Jan, 2020 | 04:06
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.

Action-Not Available
Vendor-n/aThe Cacti Group, Inc.
Product-cactin/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-7596
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.8||HIGH
EPSS-1.23% / 79.62%
||
7 Day CHG~0.00%
Published-25 Jan, 2020 | 18:08
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument.

Action-Not Available
Vendor-codecovn/a
Product-nodejs_uploadercodecov npm module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-8317
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.52% / 81.75%
||
7 Day CHG~0.00%
Published-13 Feb, 2019 | 03:00
Updated-17 Sep, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteIPv6Settings API function, as demonstrated by shell metacharacters in the DestNetwork field.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-878dir-878_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-8429
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.36% / 58.64%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 17:15
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs function was used as a variable in a command to read log files; however, due to poor input sanitisation, it was possible to bypass a replacement and break out of the command.

Action-Not Available
Vendor-kinetican/a
Product-kinetican/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25039
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.7||MEDIUM
EPSS-0.21% / 42.86%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 18:13
Updated-28 Mar, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-clearpass_policy_managerHPE Aruba Networking ClearPass Policy Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25053
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-1.04% / 77.93%
||
7 Day CHG~0.00%
Published-09 Apr, 2025 | 09:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-AC-PD-WPS-11acAC-WPS-11ac-PAC-PD-WPS-11ac-PAC-WPSM-11acAC-WPSM-11ac-PAC-WPS-11ac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-8270
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.29% / 80.12%
||
7 Day CHG+0.44%
Published-16 Nov, 2020 | 00:35
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342

Action-Not Available
Vendor-n/aCitrix (Cloud Software Group, Inc.)
Product-virtual_apps_and_desktopsCitrix Virtual Apps and Desktops
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-3692
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-8.7||HIGH
EPSS-0.05% / 16.00%
||
7 Day CHG+0.01%
Published-02 Apr, 2026 | 13:27
Updated-07 Apr, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unintended command execution during report generation in Progress Flowmon

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server.

Action-Not Available
Vendor-Progress Software Corporation
Product-flowmonFlowmon
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-8273
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.61% / 82.24%
||
7 Day CHG~0.00%
Published-16 Nov, 2020 | 00:33
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8.

Action-Not Available
Vendor-n/aCitrix (Cloud Software Group, Inc.)
Product-sd-wanCitrix SD-WAN Center
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-8314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.52% / 81.75%
||
7 Day CHG~0.00%
Published-13 Feb, 2019 | 03:00
Updated-16 Sep, 2024 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetQoSSettings API function, as demonstrated by shell metacharacters in the IPAddress field.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-878dir-878_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-7351
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.3||HIGH
EPSS-68.86% / 98.65%
||
7 Day CHG~0.00%
Published-01 May, 2020 | 15:50
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fonality Trixbox CE Post-Authentication Command Injection

An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012. This issue affects: Fonality Trixbox Community Edition, versions 1.2.0 through 2.8.0.4. Versions 1.0 and 1.1 are unaffected.

Action-Not Available
Vendor-netfortrisFonality
Product-trixboxTrixbox Community Edition
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-25122
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-2.78% / 86.45%
||
7 Day CHG~0.00%
Published-30 Oct, 2025 | 21:37
Updated-17 Nov, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nagios XI < 5.4.13 Component Download Page RCE

Nagios XI versions prior to 5.4.13 contain a remote code execution vulnerability in the Component Download page. The download/import handler used unsafe command construction with attacker-controlled input and lacked sufficient validation and output encoding, allowing an authenticated user to inject commands or otherwise execute arbitrary code with the privileges of the application service.

Action-Not Available
Vendor-Nagios Enterprises, LLC
Product-nagios_xiXI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-7361
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.6||CRITICAL
EPSS-35.97% / 97.20%
||
7 Day CHG~0.00%
Published-06 Aug, 2020 | 15:45
Updated-16 Sep, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZenTao Pro Command Injection

The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an elevated SYSTEM context on the underlying Windows operating system.

Action-Not Available
Vendor-easycorpEasyCorp
Product-zentao_proZenTao Pro
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-22481
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-8.7||HIGH
EPSS-0.63% / 70.93%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 15:53
Updated-26 Feb, 2026 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqtsQuTS heroQTS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-42912
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.90%
||
7 Day CHG~0.00%
Published-16 Dec, 2021 | 16:54
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon.

Action-Not Available
Vendor-fiberhomen/a
Product-an5506-04-f_firmwarean5506-01-a_firmwarean5506-01-ban5506-02-ban5506-04-ban5506-04-g2gan5506-01-aaan5506-04-g2g_firmwarean5506-04-fan5506-01-b_firmwarean5506-02-b_firmwarean5506-04-b_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45942
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.91% / 88.61%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.

Action-Not Available
Vendor-baijiacms_projectn/a
Product-baijiacmsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45768
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.84% / 88.50%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command Injection vulnerability in Edimax Technology Co., Ltd. Wireless Router N300 Firmware BR428nS v3 allows attacker to execute arbitrary code via the formWlanMP function.

Action-Not Available
Vendor-n/aEdimax Technology Company Ltd.
Product-br-6428nsbr-6428ns_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-46649
Matching Score-4
Assigner-Sierra Wireless Inc.
ShareView Details
Matching Score-4
Assigner-Sierra Wireless Inc.
CVSS Score-8.8||HIGH
EPSS-0.16% / 36.94%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 00:00
Updated-24 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.

Action-Not Available
Vendor-sierrawirelessn/a
Product-gx450rv50rv50xmp70rv55es450aleoslx40lx60ALEOS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-7597
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.8||HIGH
EPSS-0.65% / 71.47%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 18:48
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands.The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596.

Action-Not Available
Vendor-codecovn/a
Product-codecovcodecov npm module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-43073
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.73% / 73.22%
||
7 Day CHG~0.00%
Published-02 Feb, 2022 | 11:01
Updated-25 Oct, 2024 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortiwebn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-8188
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-0.94% / 76.81%
||
7 Day CHG~0.00%
Published-02 Jul, 2020 | 18:35
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.

Action-Not Available
Vendor-n/aUbiquiti Inc.
Product-unifi_protect_firmwareunifi_protectunifi_dream_machine_prounifi_cloud_key_plusProtect for UniFi Cloud Key Gen2 Plus, UniFi Dream Machine Pro, UNVR
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20186
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.20% / 79.37%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:37
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with privilege level 15. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15389
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.08% / 24.78%
||
7 Day CHG+0.01%
Published-31 Dec, 2025 | 09:12
Updated-31 Dec, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QNO Technology|VPN Firewall - OS Command Injection

VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Action-Not Available
Vendor-QNO Technology
Product-VPN Firewall
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15254
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.39% / 60.77%
||
7 Day CHG-0.01%
Published-30 Dec, 2025 | 15:32
Updated-24 Feb, 2026 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w6-s_firmwarew6-sW6-S
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15388
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.34% / 57.28%
||
7 Day CHG+0.11%
Published-31 Dec, 2025 | 09:01
Updated-31 Dec, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QNO Technology|VPN Firewall - OS Command Injection

VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Action-Not Available
Vendor-QNO Technology
Product-VPN Firewall
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-15499
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.99% / 77.41%
||
7 Day CHG+0.59%
Published-09 Jan, 2026 | 21:32
Updated-23 Feb, 2026 | 08:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection

A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Sangfor Technologies Inc.
Product-operation_and_maintenance_management_systemOperation and Maintenance Management System
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45104
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-3.11% / 87.17%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 21:04
Updated-24 Mar, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.

Action-Not Available
Vendor-Dell Inc.
Product-unisphere_for_powermax_virtual_appliancesolutions_enabler_virtual_applianceevasa_provider_virtual_applianceUnisphere for PowerMax vApp
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43464
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.82% / 74.83%
||
7 Day CHG~0.00%
Published-07 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Action-Not Available
Vendor-unimoUNIMO Technology Co., Ltd
Product-udr-ja1616udr-ja1604udr-ja1608_firmwareudr-ja1604_firmwareudr-ja1616_firmwareudr-ja1608UDR-JA1604/UDR-JA1608/UDR-JA1616
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13481
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.03% / 9.54%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 19:47
Updated-15 Dec, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Aspera Orchestrator Command Injection

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-aspera_orchestratorlinux_kernelAspera Orchestrator
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13686
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 17.40%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 20:51
Updated-04 Mar, 2026 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component.

Action-Not Available
Vendor-IBM Corporation
Product-datastage_on_cloud_pak_for_dataDataStage on Cloud Pak for Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13687
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 17.40%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 20:45
Updated-04 Mar, 2026 | 03:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.

Action-Not Available
Vendor-IBM Corporation
Product-datastage_on_cloud_pak_for_dataDataStage on Cloud Pak for Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45045
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.06% / 78.14%
||
7 Day CHG~0.00%
Published-01 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

Action-Not Available
Vendor-xiongmaitechn/a
Product-nbd7024t-pnbd8916f8-qnbd7808r-pl\(ep\)_firmwarenbd8025r-ul_firmwarenbd8016r-ulnbd8016ra-k\(ep\)_firmwarenbd8016t-q-v2nbd8908t-plc-xpoenbd7024h-p_firmwarenbd8032h4-qenbd80s10s-klnbd7904t-q_firmwarenbd8004r-yl\(ep\)nbd8016ra-ula_firmwarenbd8008ra-gl_firmwarenbd8004r-pl\(ep\)nbd8904t-qnbd8904t-q_firmwarenbd8016ra-ulnbd8016s-kl-v2_firmwarenbd8010s-kl-v2nbd7016t-f-v2_firmwarenbd7804r-f\(hdmi\)_firmwarenbd7804r-fwnbd8904t-gsc-xpoenbd8016s-kl-v2nbd8032ra-ul-v2_firmwarenbd8032h4-ulnbd7804r-f\(hdmi\)nbd8008ra-glk_firmwarenbd7808r-pl\(ep\)nbd7008t-pnbd8008r-pl\(ep\)_firmwarenbd80n16ra-kl\(ep\)_firmwarenbd8064h8-p_firmwarenbd7008t-p_firmwarenbd7804t-pl_firmwarenbd8025r-ulnbd8016ra-ulk_firmwarenbd80s10s-kl_firmwarenbd7804r-f\(ep\)nbd8016ra-ul_firmwarenbd8008ra-glmbd6304tmbd6304t_firmwarenbd8008r-pl\(ep\)nbd8016ra-ul\(ep\)nbd8032h4-qnbd8032h4-pnbd8010s-kl-v2_firmwarenbd8008ra-ulknbd8016t-q-v2_firmwarenbd8008ra-ul\(ep\)_firmwarenbd7004t-pnbd80n16ra-kl\(ep\)nbd8032h4-p_firmwarenbd8004r-yl\(ep\)_firmwarenbd7004t-p_firmwarenbd8008r-yl\(ep\)nbd8032h4-ul_firmwarenbd8016ra-ulanbd8032h4-q_firmwarenbd7804r-f\(ep\)_firmwarenbd8004t-q_firmwarenbd88x09s-klnbd8008t-qnbd8032h8-pnbd80s16s-klnbd8008ra-ulanbd8908r-ylnbd80n16ra-kl_firmwarenbd8008ra-ulk_firmwarenbd80s08s-kl\(ep\)_firmwarenbd7808r-pl\(hdmi\)nbd7808t-pl_firmwarenbd7808r-pl\(hdmi\)_firmwarenbd80s16s-kl\(ep\)_firmwarenbd8032h8-qenbd7024h-pnbd7908t-qnbd80x09s-kl_firmwarenbd8916f4-qnbd8916f8-q_firmwarenbd7904r-fs_firmwarenbd8016s-ula-v2nbd8009s-ula-v2_firmwarenbd8008r-plnbd7904t-pl-xpoenbd6808t-plnbd8908t-pl-xpoenbd8908r-yl_firmwarenbd7016t-f-v2nbd7804t-plnbd8016ra-ulknbd80x09s-klnbd8908t-pl-xpoe_firmwarenbd7904t-plc-xpoenbd7904r-fsnbd88x09s-kl_firmwarenbd80n16ra-klnbd7808t-plnbd8064h8-pnbd7904t-p_firmwarenbd8904r-plnbd8008ra-ul\(ep\)nbd8904r-ylnbd7024t-p_firmwarenbd8008ra-ula_firmwarenbd8016r-ul_firmwarenbd7904t-plc-xpoe_firmwarenbd8008r-pl_firmwarenbd8032h8-qe_firmwarenbd8916f4-q_firmwarenbd8032ra-ul-v2nbd8032h4-qe_firmwarenbd8009s-ula-v2nbd8004t-qnbd8904r-pl_firmwarenbd7904t-pl_firmwarenbd80s08s-kl\(ep\)nbd8016ra-ul\(ep\)_firmwarenbd8016s-ula-v2_firmwarenbd80s16s-kl_firmwarenbd7904t-plnbd8016ra-k\(ep\)nbd8008t-q_firmwarenbd8904r-yl_firmwarenbd8008r-yl\(ep\)_firmwarenbd8008ra-glknbd8908r-plnbd8032h8-p_firmwarenbd8904t-gsc-xpoe_firmwarenbd6808t-pl_firmwarenbd7804r-fw_firmwarenbd80x09ra-kl_firmwarenbd7904t-pl-xpoe_firmwarenbd7904t-pnbd8908t-plc-xpoe_firmwarenbd80x09ra-klnbd8908r-pl_firmwarenbd80s16s-kl\(ep\)nbd7908t-q_firmwarenbd8004r-pl\(ep\)_firmwarenbd7904t-qn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13943
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 22.21%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 02:38
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx4510-b0_firmwareex5601-t1_firmwareex5510-b0ex5512-t0vmg4005-b50aax7501-b1_firmwaregm4100-b0_firmwareex7501-b0_firmwarepm5100-t1dx3300-t1_firmwareex3510-b1pm5100-t0_firmwarewx3401-b1_firmwareemg6726-b10a_firmwarevmg3625-t50bpx3321-t1ex3501-t0_firmwareex7710-b0_firmwaredx4510-b0dm4200-b0ee5301-00vmg4005-b60a_firmwareemg3525-t50b_firmwarepm3100-t0pm7300-t0_firmwareee3301-00pe3301-00dx5401-b1ex2210-t0_firmwaregm4100-b0px5301-t0vmg4927-b50a_firmwareex5401-b1_firmwareemg3525-t50bam7510-00_firmwareex5510-b0_firmwarewx3100-t0dx5401-b1_firmwareex5601-t1ee3301-00_firmwarevmg4927-b50apm7300-t0pe5301-01ex2210-t0wx5610-b0_firmwarevmg8623-t50b_firmwarewx3401-b1wx5610-b0dx3301-t0ex3301-t0ex3510-b0we4600-00_firmwarepm7500-00_firmwareee5301-00_firmwareex7501-b0ex5401-b1wx5600-t0_firmwarepm5100-t1_firmwareee6510-10ex3510-b1_firmwareex3500-t0ex3600-t0px5301-t0_firmwareex3300-t1_firmwaredx4510-b1emg6726-b10awe4600-00dx3301-t0_firmwareex3500-t0_firmwarevmg3625-t50b_firmwarepm7500-00vmg4005-b50a_firmwarevmg8623-t50bex5601-t0_firmwarewe3300-00_firmwareex3301-t0_firmwarevmg4005-b60adx3300-t0ee6510-10_firmwaredm4200-b0_firmwareex5601-t0dx3300-t1ex3510-b0_firmwareex7710-b0wx3100-t0_firmwareex3300-t0ex3300-t1we3300-00ex5512-t0_firmwarepm5100-t0wx5600-t0ex3300-t0_firmwareemg5523-t50b_firmwarepx3321-t1_firmwaredx4510-b1_firmwareex3501-t0pe5301-01_firmwareex3600-t0_firmwareax7501-b1dx3300-t0_firmwarepe3301-00_firmwareemg5523-t50bpm3100-t0_firmwaream7510-00EX3301-T0 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13306
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.29%
||
7 Day CHG+0.01%
Published-17 Nov, 2025 | 23:32
Updated-08 Jan, 2026 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DWR-M920/DWR-M921/DIR-822K/DIR-825M formDebugDiagnosticRun system command injection

A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dwr-m921dir-822kdwr-m920dwr-m920_firmwaredir-822k_firmwaredir-825m_firmwaredwr-m921_firmwaredir-825mDWR-M921DIR-825MDIR-822KDWR-M920
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.68% / 72.23%
||
7 Day CHG~0.00%
Published-20 Jun, 2019 | 16:06
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-xg_firewallsfosn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45043
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-17.49% / 95.24%
||
7 Day CHG-0.49%
Published-12 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax12_firmwareax12n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16232
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-37.37% / 97.28%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 14:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands.

Action-Not Available
Vendor-ipfiren/a
Product-ipfiren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-44149
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-82.16% / 99.24%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 00:00
Updated-09 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required

Action-Not Available
Vendor-nexxtsolutionsn/a
Product-amp300_firmwareamp300n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-45461
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.46% / 81.36%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root.

Action-Not Available
Vendor-opengroupn/aLinux Kernel Organization, IncVeritas Technologies LLC
Product-unixnetbackuplinux_kerneln/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11142
Matching Score-4
Assigner-Axis Communications AB
ShareView Details
Matching Score-4
Assigner-Axis Communications AB
CVSS Score-7.1||HIGH
EPSS-0.14% / 34.28%
||
7 Day CHG+0.02%
Published-10 Feb, 2026 | 05:32
Updated-28 Feb, 2026 | 00:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.

Action-Not Available
Vendor-axisAxis Communications AB
Product-axis_osAXIS OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10589
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.39% / 60.38%
||
7 Day CHG~0.00%
Published-17 Sep, 2025 | 03:31
Updated-17 Sep, 2025 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
N-Partner|N-Reporter, N-Cloud, N-Probe - OS Command Injection

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Action-Not Available
Vendor-N-Partner
Product-N-CloudN-ReporterN-Probe
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10265
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.39% / 60.38%
||
7 Day CHG~0.00%
Published-12 Sep, 2025 | 10:15
Updated-29 Sep, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Digiever|NVR - OS Command Injection

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.

Action-Not Available
Vendor-Digiever
Product-DS-16x00-RM Pro+DS-4100-RMDS-4200-RM UHDDS-2200 UHD+DS-4200 UHD+DS-8x00-RM Pro+DS-2100 UHDDS-1200DS-4200 ProDS-4200 Pro+DS-2200 UHDDS-4200 UHDDS-2100 Pro+DS-2100 ProDS-16x00-RM UHDDS-8x00-SRM Pro+DS-8x00-RM UHDDS-4200-RM Pro+
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10680
Matching Score-4
Assigner-OpenVPN Inc.
ShareView Details
Matching Score-4
Assigner-OpenVPN Inc.
CVSS Score-8.8||HIGH
EPSS-0.21% / 44.02%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 10:06
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use

Action-Not Available
Vendor-OpenVPN
Product-OpenVPN
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15877
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-80.32% / 99.15%
||
7 Day CHG~0.00%
Published-26 Aug, 2018 | 07:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request.

Action-Not Available
Vendor-plainview_activity_monitor_projectn/a
Product-plainview_activity_monitorn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-10442
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-1.29% / 80.13%
||
7 Day CHG+0.16%
Published-15 Sep, 2025 | 11:02
Updated-19 Sep, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac9_firmwareac9ac15AC9AC15
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5352
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-4.25% / 89.10%
||
7 Day CHG~0.00%
Published-06 Jul, 2020 | 17:45
Updated-16 Sep, 2024 | 23:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_data_protection_advisorData Protection Advisor
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 21
  • 22
  • Next
Details not found