Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-46658 - - Oct 7, 2024 Oct 3, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability.
CVE-2024-41585 1Draytek 1Vigor3910 Firmware Apr 10, 2025 Oct 3, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands in...Show more DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine.Show less
CVE-2024-45519 1Synacor 1Zimbra Collaboration Suite Nov 4, 2025 Oct 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVE-2024-9441 - - Oct 4, 2024 Oct 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking...Show more The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP.Show less
CVE-2024-47608 1Definetlynotai 1Logicytics Oct 7, 2024 Oct 1, 2024 6.9 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2.
CVE-2024-21531 - - Oct 4, 2024 Oct 1, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 All versions of the package git-shallow-clone are vulnerable to Command injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function.
CVE-2024-23961 1Alpsalpine 1Ilx F509 Firmware Oct 3, 2024 Sep 28, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devi...Show more Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdUpdFSpeDecomp function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23306Show less
CVE-2024-23924 1Alpsalpine 1Ilx F509 Firmware Oct 3, 2024 Sep 28, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 de...Show more Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdCreatSHA256Hash function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23105Show less
CVE-2024-33368 1Plasmoapp 1Rpshare Jul 10, 2025 Sep 27, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the build method in DonwloadPromptScreen
CVE-2024-46628 1Tendacn 1G3 Firmware Oct 4, 2024 Sep 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
CVE-2024-9166 - - Sep 30, 2024 Sep 26, 2024 9.3 CRITICAL· v4 N/A· v3 N/A· v2 The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain...Show more The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.Show less
CVE-2024-46330 1Vonets 1Vap11g 300 Firmware Jun 4, 2025 Sep 26, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the iptablesWebsFilterRun object.
CVE-2024-46329 1Vonets 1Vap11g 300 Firmware May 29, 2025 Sep 26, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the SystemCommand object.
CVE-2024-44678 - - Sep 26, 2024 Sep 25, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Gigastone TR1 Travel Router R101 v1.0.2 is vulnerable to Command Injection. This allows an authenticated attacker to execute arbitrary commands on the device by sending a crafted HTTP request to the ssid parameter in the...Show more Gigastone TR1 Travel Router R101 v1.0.2 is vulnerable to Command Injection. This allows an authenticated attacker to execute arbitrary commands on the device by sending a crafted HTTP request to the ssid parameter in the request.Show less
CVE-2024-9076 1Dedecms 1Dedecms Nov 28, 2024 Sep 22, 2024 5.1 MEDIUM· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue affects some unknown processing of the file /dede/article_string_mix.php. The manipulation leads to os command injection. The...Show more A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue affects some unknown processing of the file /dede/article_string_mix.php. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-9004 1Dlink 1Dar 7000 Firmware Sep 23, 2024 Sep 19, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the argument host leads to...Show more A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.Show less
CVE-2024-9001 1Totolink 1T10 Firmware Sep 24, 2024 Sep 19, 2024 5.3 MEDIUM· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comman...Show more A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-47105 - - Sep 20, 2024 Sep 18, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication.
CVE-2024-43778 - - Sep 20, 2024 Sep 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the devic...Show more OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.Show less
CVE-2024-8957 1Ptzoptics 2Pt30x Ndi Xx G2 Firmware Pt30x Sdi Firmware Oct 27, 2025 Sep 17, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution w...Show more PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices.Show less

Previous 1...103104105...299 Next