Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-22942 1Totolink 1A3300r Firmware Jun 3, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
CVE-2023-51984 1Dlink 1Dir 822 Firmware Jun 16, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell.
CVE-2023-52029 1Totolink 1A3700r Firmware Jun 20, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.
CVE-2023-52028 1Totolink 1A3700r Firmware Jun 20, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.
CVE-2024-21833 1Tp Link 5Archer Ax3000 Firmware Archer Ax5400 FirmwareArcher Axe75 Firmware+2 more Jun 16, 2025 Jan 11, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN...Show more Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.Show less
CVE-2024-21821 1Tp Link 3Archer Ax3000 Firmware Archer Ax5400 FirmwareArcher Axe75 Firmware Jun 17, 2025 Jan 11, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
CVE-2024-21773 1Tp Link 4Archer Ax3000 Firmware Archer Ax5400 FirmwareDeco X50 Firmware+1 more Jun 3, 2025 Jan 11, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and...Show more Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings.Show less
CVE-2023-51123 1Dlink 1Dir 815 Firmware Jun 20, 2025 Jan 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgi_main function of the cgibin binary component.
CVE-2023-49235 1Trendnet 1Tv Ip1314pi Firmware Jun 20, 2025 Jan 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a sh...Show more An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command.Show less
CVE-2023-35964 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility.Show less
CVE-2023-35963 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility.Show less
CVE-2023-35962 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility.Show less
CVE-2023-35961 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.Show less
CVE-2023-35960 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`.Show less
CVE-2023-35959 1Tonybybell 1Gtkwave Nov 4, 2025 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious fi...Show more Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.Show less
CVE-2023-29048 1Open Xchange 1Ox App Suite Nov 21, 2024 Jan 8, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege...Show more A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known. Show less
CVE-2024-0299 1Totolink 1N200re Firmware Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of...Show more A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0298 1Totolink 1N200re Firmware Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads...Show more A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249864. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0297 1Totolink 1N200re Firmware Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileNam...Show more A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249863. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0296 1Totolink 1N200re Firmware Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argume...Show more A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249862 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less

Previous 1...130131132...299 Next