CWE-78

5,954 CVEs • Abstraction: Base • Likelihood of Exploit: High

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.


CVEs (5,954)

Columns per entry: Vendor, Product, Updated, Published, CVSS (v4 / v3 / v2), Description.
Vendor: Gnu | Product: Mailman
Updated: Apr 28, 2025 | Published: Apr 20, 2025
CVSS: v4 N/A | v3 8.1 HIGH | v2 N/A
Description: GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
Vendor: Westboy | Product: Cicadascms
Updated: Oct 1, 2025 | Published: Apr 19, 2025
CVSS: v4 5.1 MEDIUM | v3 7.2 HIGH | v2 5.8 MEDIUM
Description: A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to OS command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Vendor: Dlink | Product: Dir 823x Firmware
Updated: Apr 25, 2025 | Published: Apr 17, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234.
Vendor: Dlink | Product: Dir 823x Firmware
Updated: Apr 25, 2025 | Published: Apr 17, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c.
Vendor: Dlink | Product: Dir 823x Firmware
Updated: May 1, 2025 | Published: Apr 17, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c.
Vendor: Dlink | Product: Dir 823x Firmware
Updated: May 1, 2025 | Published: Apr 17, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c.
Vendor: Senior Walter | Product: Web Based Pharmacy Product Management System
Updated: Apr 29, 2025 | Published: Apr 16, 2025
CVSS: v4 6.9 MEDIUM | v3 9.8 CRITICAL | v2 7.5 HIGH
Description: A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file backup.php of the component Database Backup Handler. The manipulation of the argument txtdbname leads to OS command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Vendor: - | Product: -
Updated: Apr 16, 2025 | Published: Apr 15, 2025
CVSS: v4 9.3 CRITICAL | v3 N/A | v2 N/A
Description: Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project (Lissy93/web-check). The issue stems from user-controlled input (url) being passed unsanitized into a shell command using exec(), allowing attackers to execute arbitrary system commands on the underlying host. This could be exploited by sending crafted url parameters to extract files or even establish remote access. The vulnerability has been patched by replacing exec() with execFile(), which avoids using a shell and properly isolates arguments.
Vendor: Totolink | Product: A810r Firmware
Updated: Apr 29, 2025 | Published: Apr 15, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: The TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
Vendor: - | Product: -
Updated: Apr 15, 2025 | Published: Apr 11, 2025
CVSS: v4 6.3 MEDIUM | v3 N/A | v2 N/A
Description: A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.
Vendor: - | Product: -
Updated: Apr 11, 2025 | Published: Apr 11, 2025
CVSS: v4 N/A | v3 8.0 HIGH | v2 N/A
Description: OS command injection vulnerability exists in Deco BE65 Pro firmware versions prior to "Deco BE65 Pro(JP)_V1_1.1.2 Build 20250123". If this vulnerability is exploited, an arbitrary OS command may be executed by the user who can log in to the device.
Vendor: - | Product: -
Updated: Apr 11, 2025 | Published: Apr 11, 2025
CVSS: v4 7.1 HIGH | v3 N/A | v2 N/A
Description: A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed. Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Vendor: - | Product: -
Updated: Apr 9, 2025 | Published: Apr 9, 2025
CVSS: v4 N/A | v3 9.8 CRITICAL | v2 N/A
Description: OS command injection vulnerability in the specific service exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.
Vendor: - | Product: -
Updated: Apr 9, 2025 | Published: Apr 9, 2025
CVSS: v4 N/A | v3 8.8 HIGH | v2 N/A
Description: OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.
Vendor: Adobe | Product: Coldfusion
Updated: Apr 24, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 8.2 HIGH | v2 N/A
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. A low privileged attacker with local access could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction in that a victim must be coerced into performing actions within the application. Scope is changed.
Vendor: Adobe | Product: Coldfusion
Updated: Apr 21, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 8.4 HIGH | v2 N/A
Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. A high-privileged attacker could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction and scope is changed.
Vendor: - | Product: -
Updated: Apr 8, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 6.0 MEDIUM | v2 N/A
Description: A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successful exploitation could allow an attacker to execute arbitrary operating system commands on the underlying operating system leading to potential system compromise.
Vendor: - | Product: -
Updated: Apr 8, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 6.5 MEDIUM | v2 N/A
Description: A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise.
Vendor: Fortinet | Product: Fortiisolator
Updated: Jul 23, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 6.7 MEDIUM | v2 N/A
Description: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Vendor: Fortinet | Product: Fortiisolator
Updated: Jul 23, 2025 | Published: Apr 8, 2025
CVSS: v4 N/A | v3 7.2 HIGH | v2 N/A
Description: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests.