Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-58452

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-01 Jul, 2026 | 15:31
Updated At-01 Jul, 2026 | 17:54
Rejected At-
Credits

JAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a string beginning with a valid MAC-like prefix followed by a semicolon and a shell payload, which bypasses partial sscanf() validation and is passed unsanitized into an echo shell command executed through a system() wrapper.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:01 Jul, 2026 | 15:31
Updated At:01 Jul, 2026 | 17:54
Rejected At:
â–¼CVE Numbering Authority (CNA)
JAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a string beginning with a valid MAC-like prefix followed by a semicolon and a shell payload, which bypasses partial sscanf() validation and is passed unsanitized into an echo shell command executed through a system() wrapper.

Affected Products
Vendor
JAIOTlink
Product
C492A-W6 Wi-Fi IP Camera
Default Status
affected
Versions
Affected
  • 4.8.30.57701411 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Andres Valdes
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/rwprimitives/jaiotlink-c492a-wifi-camera/blob/main/writeups/01-setmac-command-injection.md
technical-description
exploit
https://www.amazon.com/stores/JAIOTlink/page/3B00DC41-70C3-4BAA-925C-3D222C2633D5?lp_asin=B0GX1BNZ78&ref_=ast_bln&store_ref=bl_ast_dp_brandlogo_sto
product
https://www.vulncheck.com/advisories/jaiotlink-c492a-w6-os-command-injection-via-setmac-endpoint
third-party-advisory
Hyperlink: https://github.com/rwprimitives/jaiotlink-c492a-wifi-camera/blob/main/writeups/01-setmac-command-injection.md
Resource:
technical-description
exploit
Hyperlink: https://www.amazon.com/stores/JAIOTlink/page/3B00DC41-70C3-4BAA-925C-3D222C2633D5?lp_asin=B0GX1BNZ78&ref_=ast_bln&store_ref=bl_ast_dp_brandlogo_sto
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/jaiotlink-c492a-w6-os-command-injection-via-setmac-endpoint
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:01 Jul, 2026 | 17:16
Updated At:01 Jul, 2026 | 19:16

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a string beginning with a valid MAC-like prefix followed by a semicolon and a shell payload, which bypasses partial sscanf() validation and is passed unsanitized into an echo shell command executed through a system() wrapper.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
N/A
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-78Secondarydisclosure@vulncheck.com
CWE ID: CWE-78
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/rwprimitives/jaiotlink-c492a-wifi-camera/blob/main/writeups/01-setmac-command-injection.mddisclosure@vulncheck.com
N/A
https://www.amazon.com/stores/JAIOTlink/page/3B00DC41-70C3-4BAA-925C-3D222C2633D5?lp_asin=B0GX1BNZ78&ref_=ast_bln&store_ref=bl_ast_dp_brandlogo_stodisclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/jaiotlink-c492a-w6-os-command-injection-via-setmac-endpointdisclosure@vulncheck.com
N/A
Hyperlink: https://github.com/rwprimitives/jaiotlink-c492a-wifi-camera/blob/main/writeups/01-setmac-command-injection.md
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.amazon.com/stores/JAIOTlink/page/3B00DC41-70C3-4BAA-925C-3D222C2633D5?lp_asin=B0GX1BNZ78&ref_=ast_bln&store_ref=bl_ast_dp_brandlogo_sto
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/jaiotlink-c492a-w6-os-command-injection-via-setmac-endpoint
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1114Records found

CVE-2020-5756
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-2.47% / 82.57%
||
7 Day CHG~0.00%
Published-17 Jul, 2020 | 20:16
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router.

Action-Not Available
Vendor-grandstreamTenable, Inc.
Product-gwn7000gwn7000_firmwareGrandstream GWN7000
CWE ID-CWE-489
Active Debug Code
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5626
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-2.16% / 79.94%
||
7 Day CHG~0.00%
Published-28 Jan, 2021 | 10:00
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.

Action-Not Available
Vendor-infoscienceInfoscience Corporation
Product-logstorageelc_analyticsLogstorage and ELC Analytics
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-64124
Matching Score-4
Assigner-Dragos, Inc.
ShareView Details
Matching Score-4
Assigner-Dragos, Inc.
CVSS Score-8.7||HIGH
EPSS-0.90% / 55.27%
||
7 Day CHG~0.00%
Published-03 Jan, 2026 | 00:28
Updated-26 Feb, 2026 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nuvation Energy Multi-Stack Controller OS Command Injection

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows OS Command Injection.This issue affects Multi-Stack Controller (MSC): before 2.5.1.

Action-Not Available
Vendor-nuvationenergyNuvation Energy
Product-nuvmsc3-16s-cnuvmsc3-12s-cnuvmsc3-08s-cnuvmsc3-04s-cnplatformMulti-Stack Controller (MSC)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-5352
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-2.91% / 85.30%
||
7 Day CHG~0.00%
Published-06 Jul, 2020 | 17:45
Updated-16 Sep, 2024 | 23:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_data_protection_advisorData Protection Advisor
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-4241
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-66.30% / 99.19%
||
7 Day CHG~0.00%
Published-31 Mar, 2020 | 14:31
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_scalespectrum_protect_plusSpectrum Protect Plus
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-4180
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-3.01% / 85.78%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 14:30
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 174735.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardiumSecurity Guardium
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-37032
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-1.04% / 59.81%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 22:07
Updated-05 Mar, 2026 | 01:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the os.execute() function.

Action-Not Available
Vendor-wftpserverWing FTP Server
Product-wing_ftp_serverWing FTP Server
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-63705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.19% / 64.03%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 00:00
Updated-08 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-4242
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-4.59% / 90.50%
||
7 Day CHG~0.00%
Published-31 Mar, 2020 | 14:31
Updated-16 Sep, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175419.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_scalespectrum_protect_plusSpectrum Protect Plus
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-50909
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-2.10% / 79.44%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:51
Updated-14 Jan, 2026 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)

Algo 8028 Control Panel version 3.3.3 contains a command injection vulnerability in the fm-data.lua endpoint that allows authenticated attackers to execute arbitrary commands. Attackers can exploit the insecure 'source' parameter by injecting commands that are executed with root privileges, enabling remote code execution through a crafted POST request.

Action-Not Available
Vendor-Algo Solutions
Product-Algo 8028
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-36910
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-1.28% / 66.44%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 15:52
Updated-08 Jan, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cayin Signage Media Player 3.0 Authenticated Remote Command Injection via NTP Parameter

Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with default credentials to execute arbitrary shell commands as root.

Action-Not Available
Vendor-CAYIN Technology Co.
Product-SMP-8000QDSMP-300SMP-PROPLUSSMP-1000SMP-2000SMP-2310SMP-2200SMP-NEO2SMP-WEBPLUSSMP-200SMP-8000SMP-6000SMP-NEOSMP-4000SMP-2100SMP-WEB4SMP-2300SMP-2210SMP-PRO4
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-6104
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-3.06% / 85.99%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 03:31
Updated-16 Jun, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wifi-soft UniBox Controller pms_check.php os command injection

A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pms_check.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Wifi-soft
Product-UniBox Controller
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-4558
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-3.63% / 88.14%
||
7 Day CHG~0.00%
Published-22 Mar, 2026 | 17:29
Updated-30 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Linksys Holdings, Inc.
Product-mr9600_firmwaremr9600MR9600
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-6103
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-2.50% / 82.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 03:00
Updated-16 Jun, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wifi-soft UniBox Controller test_accesscodelogin.php os command injection

A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/test_accesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Wifi-soft
Product-UniBox Controller
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45578
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.32% / 23.61%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 13:14
Updated-01 Jun, 2026 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URL

WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket notification branch in plugin/Live/on_publish.php builds an execAsync() command line by string concatenation, single-quoting each argument but never calling escapeshellarg(). A ' in any of the three interpolated values ($users_id, $m3u8, $obj->liveTransmitionHistory_id) closes the quoted token and lets the attacker append arbitrary commands.

Action-Not Available
Vendor-wwbnWWBN
Product-avideoAVideo
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-0830
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-20.86% / 97.24%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 16:13
Updated-01 May, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EasyNAS backup.pl system os command injection

A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-easynasn/a
Product-easynasEasyNAS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-5351
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.46% / 90.26%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 15:45
Updated-07 Apr, 2026 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Trendnet TEW-657BRM setup.cgi add_wps_client os command injection

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function add_wps_client of the file /setup.cgi. This manipulation of the argument wl_enrolee_pin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor confirms, that "[t]he product in question (...) has been discontinued and end of life since June 23, 2011, that is more than 14 years ago. We no longer provide support for this product, so we are not able to confirm the vulnerabilities. We will make an announcement on our website's product support page and notify customers who registered their products with us." This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-657brm_firmwaretew-657brmTEW-657BRM
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-45431
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-8.7||HIGH
EPSS-0.39% / 30.79%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 12:04
Updated-04 Jun, 2026 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted device. Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device.

Action-Not Available
Vendor-GX INDIA
Product-GX Earth 2022GX Earth 1010
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-35789
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.65% / 83.81%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:40
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-nms300_firmwarenms300n/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13481
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.34%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 19:47
Updated-15 Dec, 2025 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Aspera Orchestrator Command Injection

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-aspera_orchestratorlinux_kernelAspera Orchestrator
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-59156
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.95% / 56.89%
||
7 Day CHG~0.00%
Published-05 Jan, 2026 | 17:39
Updated-12 Jan, 2026 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE)*vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker Compose directives during project creation or updates. By defining a malicious service that mounts the host filesystem, an attacker can achieve root-level command execution on the host OS, completely bypassing container isolation. Version 4.0.0-beta.420.7 contains a patch for the issue.

Action-Not Available
Vendor-coollabscoollabsio
Product-coolifycoolify
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-58180
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-19.31% / 97.00%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 19:34
Updated-18 Sep, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.2 contain a vulnerability that allows an authenticated attacker to upload a file under a specially crafted filename that will allow arbitrary command execution if said filename becomes included in a command defined in a system event handler and said event gets triggered. If no event handlers executing system commands with uploaded filenames as parameters have been configured, this vulnerability does not have an impact. The vulnerability is patched in version 1.11.3. As a workaround, OctoPrint administrators who have event handlers configured that include any kind of filename based placeholders should disable those by setting their `enabled` property to `False` or unchecking the "Enabled" checkbox in the GUI based Event Manager. Alternatively, OctoPrint administrators should set `feature.enforceReallyUniversalFilenames` to `true` in `config.yaml` and restart OctoPrint, then vet the existing uploads and make sure to delete any suspicious looking files. As always, OctoPrint administrators are advised to not expose OctoPrint on hostile networks like the public internet, and to vet who has access to their instance.

Action-Not Available
Vendor-octoprintOctoPrint
Product-octoprintOctoPrint
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-50793
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-2.79% / 84.67%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 22:41
Updated-13 Jan, 2026 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Authenticated Command Injection via www-data-handler.php

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an authenticated command injection vulnerability in the www-data-handler.php script that allows attackers to inject system commands through the 'services' POST parameter. Attackers can exploit this vulnerability by crafting malicious 'services' parameter values to execute arbitrary system commands with www-data user privileges.

Action-Not Available
Vendor-sound4SOUND4 Ltd.Kantar Media
Product-wm2_firmwarepulse_eco_firmwareimpact_ecowm2pulseimpact_eco_firmwarefirstimpact_firmwarebig_voice2_firmwarefirst_firmwarepulse_ecostream_extensionimpactpulse_firmwarebig_voice4_firmwarebig_voice2big_voice4Impact/Pulse/FirstBigVoice4StreamWM2Impact/Pulse EcoBigVoice2
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13306
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-7.16% / 93.51%
||
7 Day CHG~0.00%
Published-17 Nov, 2025 | 23:32
Updated-08 Jan, 2026 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DWR-M920/DWR-M921/DIR-822K/DIR-825M formDebugDiagnosticRun system command injection

A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dwr-m921dir-822kdwr-m920dwr-m920_firmwaredir-822k_firmwaredir-825m_firmwaredwr-m921_firmwaredir-825mDWR-M921DIR-825MDIR-822KDWR-M920
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-21433
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.9||CRITICAL
EPSS-2.96% / 85.53%
||
7 Day CHG~0.00%
Published-09 Apr, 2021 | 17:55
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote code execution on discord-recon .dirsearch and .arjun commands due to improper input validation

Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2.

Action-Not Available
Vendor-demon1aDEMON1A
Product-discord-reconDiscord-Recon
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13943
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-1.40% / 69.13%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 02:38
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-dx4510-b0_firmwareex5601-t1_firmwareex5510-b0ex5512-t0vmg4005-b50aax7501-b1_firmwaregm4100-b0_firmwareex7501-b0_firmwarepm5100-t1dx3300-t1_firmwareex3510-b1pm5100-t0_firmwarewx3401-b1_firmwareemg6726-b10a_firmwarevmg3625-t50bpx3321-t1ex3501-t0_firmwareex7710-b0_firmwaredx4510-b0dm4200-b0ee5301-00vmg4005-b60a_firmwareemg3525-t50b_firmwarepm3100-t0pm7300-t0_firmwareee3301-00pe3301-00dx5401-b1ex2210-t0_firmwaregm4100-b0px5301-t0vmg4927-b50a_firmwareex5401-b1_firmwareemg3525-t50bam7510-00_firmwareex5510-b0_firmwarewx3100-t0dx5401-b1_firmwareex5601-t1ee3301-00_firmwarevmg4927-b50apm7300-t0pe5301-01ex2210-t0wx5610-b0_firmwarevmg8623-t50b_firmwarewx3401-b1wx5610-b0dx3301-t0ex3301-t0ex3510-b0we4600-00_firmwarepm7500-00_firmwareee5301-00_firmwareex7501-b0ex5401-b1wx5600-t0_firmwarepm5100-t1_firmwareee6510-10ex3510-b1_firmwareex3500-t0ex3600-t0px5301-t0_firmwareex3300-t1_firmwaredx4510-b1emg6726-b10awe4600-00dx3301-t0_firmwareex3500-t0_firmwarevmg3625-t50b_firmwarepm7500-00vmg4005-b50a_firmwarevmg8623-t50bex5601-t0_firmwarewe3300-00_firmwareex3301-t0_firmwarevmg4005-b60adx3300-t0ee6510-10_firmwaredm4200-b0_firmwareex5601-t0dx3300-t1ex3510-b0_firmwareex7710-b0wx3100-t0_firmwareex3300-t0ex3300-t1we3300-00ex5512-t0_firmwarepm5100-t0wx5600-t0ex3300-t0_firmwareemg5523-t50b_firmwarepx3321-t1_firmwaredx4510-b1_firmwareex3501-t0pe5301-01_firmwareex3600-t0_firmwareax7501-b1dx3300-t0_firmwarepe3301-00_firmwareemg5523-t50bpm3100-t0_firmwaream7510-00EX3301-T0 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13686
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.34% / 26.43%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 20:51
Updated-04 Mar, 2026 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component.

Action-Not Available
Vendor-IBM Corporation
Product-datastage_on_cloud_pak_for_dataDataStage on Cloud Pak for Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13688
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.34% / 26.43%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 20:44
Updated-04 Mar, 2026 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.

Action-Not Available
Vendor-IBM Corporation
Product-datastage_on_cloud_pak_for_dataDataStage on Cloud Pak for Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-13687
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.34% / 26.43%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 20:45
Updated-04 Mar, 2026 | 03:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.

Action-Not Available
Vendor-IBM Corporation
Product-datastage_on_cloud_pak_for_dataDataStage on Cloud Pak for Data
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-12120
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-4.33% / 90.00%
||
7 Day CHG~0.00%
Published-14 May, 2018 | 20:00
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the "/goform/net_WebPingGetValue" URI to trigger this vulnerability.

Action-Not Available
Vendor-Moxa Inc.Talos (Cisco Systems, Inc.)
Product-edr-810_firmwareedr-810Moxa
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-12121
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-4.33% / 90.00%
||
7 Day CHG~0.00%
Published-14 May, 2018 | 20:00
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakey\_name= parm in the "/goform/WebRSAKEYGen" uri to trigger this vulnerability.

Action-Not Available
Vendor-Moxa Inc.Talos (Cisco Systems, Inc.)
Product-edr-810_firmwareedr-810Moxa
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-57457
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.16% / 63.29%
||
7 Day CHG~0.00%
Published-08 Oct, 2025 | 00:00
Updated-08 Oct, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56123
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.31% / 81.27%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-27 Jan, 2026 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-ew1200g_pro_firmwarerg-ew1300g_firmwarerg-ew1200g_prorg-ew1300gn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56092
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.49% / 82.67%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-29 Jan, 2026 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-ew300t_firmwarex30_pro_firmwarerg-ew300tx30_pron/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-12125
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-4.02% / 89.34%
||
7 Day CHG~0.00%
Published-14 May, 2018 | 20:00
Updated-16 Sep, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the CN= parm in the "/goform/net_WebCSRGen" uri to trigger this vulnerability.

Action-Not Available
Vendor-Moxa Inc.Talos (Cisco Systems, Inc.)
Product-edr-810_firmwareedr-810Moxa
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20017
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-8.8||HIGH
EPSS-1.85% / 76.51%
||
7 Day CHG~0.00%
Published-13 Mar, 2021 | 02:10
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.

Action-Not Available
Vendor-SonicWall Inc.
Product-sma100sma100_firmwareSMA100
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3224
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.81% / 76.00%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:42
Updated-15 Nov, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Command Injection Vulnerability

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be executed. The vulnerability is due to insufficient input validation of specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific web UI endpoint on an affected device. A successful exploit could allow the attacker to inject IOS commands to the affected device, which could allow the attacker to alter the configuration of the device or cause a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software 16.11.1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56110
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.67% / 83.89%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-26 Jan, 2026 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-bcr860_firmwarerg-bcr860n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11138
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.20% / 89.73%
||
7 Day CHG~0.00%
Published-29 Sep, 2025 | 03:02
Updated-10 Oct, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mirweiye wenkucms common.php createPathOne os command injection

A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-wenkucms_projectmirweiye
Product-wenkucmswenkucms
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56085
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.55% / 83.15%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-26 Dec, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-ew1200rg-ew300_prorg-ew1200_firmwarerg-ew300_pro_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11285
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-7.79% / 93.94%
||
7 Day CHG-0.11%
Published-05 Oct, 2025 | 06:02
Updated-09 Oct, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
samanhappy MCPHub serverController.ts os command injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-mcphubxsamanhappy
Product-mcphubMCPHub
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56120
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.31% / 81.27%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-ew1200_firmwarerg-x60_pro_firmwarerg-ew1200rg-x60_pron/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-6201
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.8||HIGH
EPSS-1.59% / 72.75%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 11:32
Updated-20 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection in Univera Panorama Framework

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Univera Computer System Panorama allows Command Injection. This issue affects Panorama: before 8.0.

Action-Not Available
Vendor-univeraUnivera Computer Systemunivera
Product-panoramaPanoramapanorama
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-40520
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-1.38% / 68.77%
||
7 Day CHG~0.00%
Published-21 Apr, 2026 | 12:41
Updated-23 Apr, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreePBX api module Command Injection via GraphQL

FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess() function where GraphQL mutation input fields are passed directly to shell_exec() without sanitization or escaping. An authenticated user with a valid bearer token can send a GraphQL moduleOperations mutation with backtick-wrapped commands in the module field to execute arbitrary commands on the underlying host as the web server user.

Action-Not Available
Vendor-FreePBX
Product-apiapi
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-11787
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-8.5||HIGH
EPSS-0.92% / 55.81%
||
7 Day CHG+0.03%
Published-02 Dec, 2025 | 13:02
Updated-03 Dec, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS()', 'CheckPing()' and 'TraceRoute()' functions.

Action-Not Available
Vendor-circutorSGE-PLC1000 SGE-PLC50
Product-sge-plc50_firmwaresge-plc1000_firmwaresge-plc50sge-plc1000Circutor
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-9478
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.11% / 86.18%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 14:14
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Rubrik 5.0.3-2296. An OS command injection vulnerability allows an authenticated attacker to remotely execute arbitrary code on Rubrik-managed systems.

Action-Not Available
Vendor-rubrikn/a
Product-cdmn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-5677
Matching Score-4
Assigner-Axis Communications AB
ShareView Details
Matching Score-4
Assigner-Axis Communications AB
CVSS Score-6.3||MEDIUM
EPSS-0.56% / 42.51%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:20
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator-privileges compared to administrator-privileges service accounts. Please refer to the Axis security advisory for more information and solution.

Action-Not Available
Vendor-axisAxis Communications AB
Product-q7424-r_mk_iim3024-lve_firmwareq7404q7404_firmwarem7014_firmwarep7216q7414_firmwarem7016m7016_firmwarem3025-vep7216_firmwareq7424-r_mk_ii_firmwarep7214_firmwareq7401_firmwarem3024-lveq7401m7014p7214q7414p1214-e_firmwarep1214-em3025-ve_firmwareAXIS OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-8949
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.83% / 84.89%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 18:21
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S3A K2P MTK 4.2.7.16528, S3A 4.3.0.16572, and ISP3000 4.3.0.17190 devices allows remote attackers to execute arbitrary OS commands via shell metacharacters in a ping operation, as demonstrated by the cgi-bin/webui/admin/tools/app_ping/diag_ping/; substring.

Action-Not Available
Vendor-gocloudn/a
Product-s2as2a_firmwares2a_wlisp3000_firmwares3aisp3000s3a_k2p_mtks2a_wl_firmwares3a_k2p_mtk_firmwares3a_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-6357
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.96% / 57.15%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 14:29
Updated-02 Aug, 2024 | 08:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in multiple CODESYS products

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_pfc200_slcontrol_for_pfc100_slcontrol_for_empc-a\/imx6control_for_iot2000_slcontrol_for_wago_touch_panels_600_slruntime_toolkitcontrol_for_raspberry_pi_slcontrol_for_beaglebone_slcontrol_for_linux_arm_slcontrol_for_plcnext_slcontrol_for_linux_slCODESYS Control for Linux SLCODESYS Control for PLCnext SLCODESYS Control for Raspberry Pi SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for PFC100 SLCODESYS Control for Linux ARM SLCODESYS Runtime Toolkit for Linux or QNXCODESYS Control for IOT2000 SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for BeagleBone SL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-56118
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.24% / 80.72%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-23 Dec, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua.

Action-Not Available
Vendor-n/aRuijie Networks Co., Ltd.
Product-rg-ew3200gxrg-ew3200gx_firmwarerg-x60_pro_firmwarerg-x60_pron/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 22
  • 23
  • Next
Details not found