Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-34115

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-01 Jul, 2026 | 16:22
Updated At-01 Jul, 2026 | 17:45
Rejected At-
Credits

Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php (line 15) without sanitization: exec(\"php jobs/transcribe_amazon.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:01 Jul, 2026 | 16:22
Updated At:01 Jul, 2026 | 17:45
Rejected At:
â–¼CVE Numbering Authority (CNA)
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php (line 15) without sanitization: exec(\"php jobs/transcribe_amazon.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Affected Products
Vendor
guardian
Product
language-system
Repo
https://github.com/guardian/language-system
Default Status
affected
Versions
Affected
  • From 0 through e42c395ec4b03fe62973a669c9209a673838b8a4 (git)
Problem Types
TypeCWE IDDescription
CWECWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
philopentest
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://gist.github.com/cyberinforepo/d5b2771d82e1b31b8fc1c33052e08dad
technical-description
exploit
https://www.vulncheck.com/advisories/guardian-language-system-unauthenticated-os-command-injection-via-id-parameter-in-transcribe-amazon-php
third-party-advisory
Hyperlink: https://gist.github.com/cyberinforepo/d5b2771d82e1b31b8fc1c33052e08dad
Resource:
technical-description
exploit
Hyperlink: https://www.vulncheck.com/advisories/guardian-language-system-unauthenticated-os-command-injection-via-id-parameter-in-transcribe-amazon-php
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:01 Jul, 2026 | 17:16
Updated At:01 Jul, 2026 | 19:16

Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe_amazon.php (line 15) without sanitization: exec(\"php jobs/transcribe_amazon.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
N/A
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-78Secondarydisclosure@vulncheck.com
CWE ID: CWE-78
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/cyberinforepo/d5b2771d82e1b31b8fc1c33052e08daddisclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/guardian-language-system-unauthenticated-os-command-injection-via-id-parameter-in-transcribe-amazon-phpdisclosure@vulncheck.com
N/A
Hyperlink: https://gist.github.com/cyberinforepo/d5b2771d82e1b31b8fc1c33052e08dad
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/guardian-language-system-unauthenticated-os-command-injection-via-id-parameter-in-transcribe-amazon-php
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1658Records found

CVE-2026-34109
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.54% / 41.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:18
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) without sanitization: exec(\"php jobs/speech_audio.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34110
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:19
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in complex_start.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in complex_start.php (line 14) without sanitization: exec(\"php jobs/complex.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34114
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.54% / 41.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:21
Updated-02 Jul, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate_text.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in translate_text.php (line 18) without sanitization: exec(\"php jobs/translate_text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34116
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:23
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe.php (line 15) without sanitization: exec(\"php jobs/transcribe.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34112
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.54% / 41.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:20
Updated-01 Jul, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac.php (line 18) without sanitization: exec(\"php jobs/speech_audio_mac.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34107
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.68% / 47.87%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:16
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in translate.php (line 14) without sanitization: exec(\"php jobs/translate.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34108
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:17
Updated-02 Jul, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in text.php (line 15) without sanitization: exec(\"php jobs/text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34111
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:20
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac_text.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac_text.php (line 18) without sanitization: exec(\"php jobs/speech_audio_mac_text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34113
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.54% / 41.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:21
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech_text.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech_text.php (line 18) without sanitization: exec(\"php jobs/speech_audio_text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34106
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.68% / 47.87%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:16
Updated-01 Jul, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in subtitles.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in subtitles.php (line 19) without sanitization: exec(\"php jobs/subtitle_rendering.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to the id parameter to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34117
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.54% / 41.30%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:24
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text_to_subtitles.php

Guardian language-system passes the id GET parameter directly into a PHP exec() call in text_to_subtitles.php (line 19) without sanitization: exec(\"php jobs/text_to_subtitles.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-34102
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.24%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:11
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info_get.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info_get.php (line 16): SELECT * FROM jobs where input1 = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34101
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.25%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:11
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in text_file.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in text_file.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34100
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.25%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:10
Updated-01 Jul, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in media.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in media.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34099
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.46% / 36.63%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:08
Updated-02 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info.php (line 16): SELECT * FROM jobs where id = '\".$_GET['id'].\"'. No authentication is required. An unauthenticated attacker can perform error-based SQL injection to extract the database version, current user, schema names, and table contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34103
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.24%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:12
Updated-01 Jul, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in subtitles.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in subtitles.php (line 16): SELECT id, filename, extension, type FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34105
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.25%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:15
Updated-02 Jul, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via id Parameter in translate_text.php

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in translate_text.php (line 15): SELECT id, filename, extension, type FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-34104
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.37% / 29.25%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 16:13
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Guardian Language-System Unauthenticated SQL Injection via name Parameter in designer.php

Guardian language-system passes the name GET parameter directly into an unsanitized SQL query in designer.php (line 124): SELECT * FROM complex WHERE name='\".$_GET['name'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents.

Action-Not Available
Vendor-guardian
Product-language-system
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-9862
Matching Score-4
Assigner-Fortra, LLC
ShareView Details
Matching Score-4
Assigner-Fortra, LLC
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 54.20%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 15:10
Updated-15 Jun, 2026 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability

Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.

Action-Not Available
Vendor-Fortra LLC
Product-Core Privileged Access Manager (BoKS)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9435
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 06:45
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setQosCfg os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9384
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 13:30
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9543
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-2.13% / 79.75%
||
7 Day CHG~0.00%
Published-26 May, 2026 | 12:30
Updated-26 May, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N300RH Web Management cstecgi.cgi setPasswordCfg os command injection

A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-N300RH
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9408
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 00:00
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit is now public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9406
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 23:30
Updated-27 May, 2026 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setRemoteCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9455
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 11:45
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8666
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.7||HIGH
EPSS-0.68% / 47.69%
||
7 Day CHG+0.12%
Published-25 Jun, 2026 | 01:35
Updated-29 Jun, 2026 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Traceroute Plugin

OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters due to insufficient input validation when constructing shell commands.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-linux_kernelinsightconnect_tracerouteInsightConnect Traceroute Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8603
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.7||HIGH
EPSS-1.32% / 67.31%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 17:03
Updated-21 May, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.

Action-Not Available
Vendor-scadabrScadaBR
Product-scadabrScadaBR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9475
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 16:45
Updated-26 May, 2026 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setIpQosRules os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9458
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-2.09% / 79.38%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 12:30
Updated-28 May, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setWanCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8660
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.7||HIGH
EPSS-0.68% / 47.69%
||
7 Day CHG+0.12%
Published-25 Jun, 2026 | 00:52
Updated-29 Jun, 2026 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Ping Plugin

OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient input validation when constructing shell commands.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-linux_kernelinsightconnect_pingInsightConnect Ping Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-4473
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-41.35% / 98.50%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 01:40
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas326nas542_firmwarenas542nas326_firmwareNAS326 firmwareNAS542 firmwarenas542_firmwarenas326_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8592
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.7||HIGH
EPSS-0.68% / 47.69%
||
7 Day CHG+0.12%
Published-25 Jun, 2026 | 01:32
Updated-29 Jun, 2026 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect AWK Plugin

OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-linux_kernelinsightconnect_awkInsightConnect AWK Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8665
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.7||HIGH
EPSS-0.68% / 47.70%
||
7 Day CHG+0.12%
Published-25 Jun, 2026 | 01:12
Updated-29 Jun, 2026 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Translate Plugin

OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-linux_kernelinsightconnect_translateInsightConnect TR Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9457
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-2.09% / 79.38%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 12:15
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi UploadFirmwareFile os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-11061
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.99% / 78.17%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 21:23
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentre_5945_firmwareworkcentre_5945workcentre_5955_firmwareworkcentre_6655iworkcentre_7855workcentre_7845_firmwareworkcentre_5890workcentre_5865workcentre_5945i_firmwareworkcentre_5890i_firmwareworkcentre_3655_firmwareworkcentre_7200_firmwareworkcentre_5865_firmwareworkcentre_7200i_firmwareworkcentre_6655_firmwareworkcentre_7225i_firmwareworkcentre_7835workcentre_3655i_firmwareworkcentre_7970_firmwareworkcentre_3655workcentre_5875i_firmwareworkcentre_7970iworkcentre_7225iworkcentre_7225workcentre_7225_firmwareworkcentre_7220_firmwareworkcentre_7835_firmwareworkcentre_5955iworkcentre_6655workcentre_7220workcentre_5890_firmwareworkcentre_5865i_firmwareworkcentre_5875iworkcentre_7970i_firmwareworkcentre_7970workcentre_3655iworkcentre_7845workcentre_5945iworkcentre_5865iworkcentre_7200iworkcentre_7830workcentre_6655i_firmwareworkcentre_5955workcentre_7200workcentre_7855_firmwareworkcentre_5875_firmwareworkcentre_5875workcentre_5955i_firmwareworkcentre_5890iworkcentre_7830_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9476
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 17:00
Updated-28 May, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9407
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 23:45
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setFirewallType os command injection

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9386
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 14:00
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setLanguageCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-60738
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.90% / 55.15%
||
7 Day CHG~0.00%
Published-20 Nov, 2025 | 00:00
Updated-15 Jan, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025_07_21 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters

Action-Not Available
Vendor-ilevian/a
Product-eve_x1_server_firmwareeve_x1_servern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9477
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 17:15
Updated-26 May, 2026 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setAccessDeviceCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9388
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-2.09% / 79.34%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 14:30
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setScheduleCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9434
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 06:30
Updated-28 May, 2026 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setWiFiWpsCfg os command injection

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9432
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.73% / 74.85%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 06:00
Updated-26 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU Web Management cstecgi.cgi setWiFiAdvancedCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41663
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-11 Jun, 2025 | 08:15
Updated-24 Jul, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Weidmueller: Security routers IE-SR-2TX are affected by Command Injection

For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations.

Action-Not Available
Vendor-Weidmueller
Product-IE-SR-2TX-WLIE-SR-2TX-WL-4G-US-VIE-SR-2TX-WL-4G-EU
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41274
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.38% / 68.78%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:53
Updated-01 Jun, 2026 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41270
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.38% / 68.78%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:51
Updated-01 Jun, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2507
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.04% / 85.90%
||
7 Day CHG+0.32%
Published-03 Feb, 2021 | 15:51
Updated-16 Sep, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
command injection vulnerability in Helpdesk

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-helpdeskHelpdesk
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-41272
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-9.3||CRITICAL
EPSS-1.38% / 68.78%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 10:52
Updated-01 Jun, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.

Action-Not Available
Vendor-waterfall-securityWaterfall
Product-wf-500_firmwarewf-500WF-500
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-7823
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-1.79% / 75.65%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 04:45
Updated-05 May, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000RU cstecgi.cgi setAppFilterCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-TOTOLINK
Product-A8000RU
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-10541
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-2.23% / 80.61%
||
7 Day CHG~0.00%
Published-31 May, 2018 | 20:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection.

Action-Not Available
Vendor-shell-quote_projectHackerOne
Product-shell-quoteshell-quote node module
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 33
  • 34
  • Next
Details not found