Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-25962 1Vagrant.js Project 1Vagrant.js Jun 17, 2026 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.
CVE-2022-25908 1Create Choo Electron Project 1Create Choo Electron Jun 17, 2026 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.
CVE-2022-25860 1Simple Git Project 1Simple Git Jun 17, 2026 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due t...Show more Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221). Show less
CVE-2022-25350 1Helecloud 1Puppet Facter Jun 17, 2026 Jan 26, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization.
CVE-2022-21810 1Smartctl Project 1Smartctl Jun 17, 2026 Jan 26, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization.
CVE-2022-40720 1Dlink 1Dir 2150 Firmware Jun 17, 2026 Jan 26, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific fl...Show more This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service, which listens on TCP port 4044 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the router. Was ZDI-CAN-15935.Show less
CVE-2022-40719 1Dlink 1Dir 2150 Firmware Jun 17, 2026 Jan 26, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific fl...Show more This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the xupnpd service, which listens on TCP port 4044 by default. When parsing the feed parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15906.Show less
CVE-2022-45639 1Sleuthkit 1The Sleuth Kit Jun 17, 2026 Jan 24, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis s...Show more OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.Show less
CVE-2022-37718 1Edgenexus 1Application Delivery Controller Jun 17, 2026 Jan 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands through a speci...Show more The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands through a specially crafted payload. This vulnerability can also be exploited from an unauthenticated context via unspecified vectorsShow less
CVE-2022-48126 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48125 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48124 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48123 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
CVE-2022-48122 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.
CVE-2022-48121 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.
CVE-2023-23596 1Jc21 1Nginx Proxy Manager Jun 17, 2026 Jan 20, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validati...Show more jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5.Show less
CVE-2023-20007 1Cisco 4Rv340 Firmware Rv340w FirmwareRv345 Firmware+1 more Jun 17, 2026 Jan 20, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause...Show more A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition.Show less
CVE-2022-20964 1Cisco 1Identity Services Engine Jun 17, 2026 Jan 20, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability...Show more A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the web-based management interface. An attacker could exploit this vulnerability by manipulating requests to the web-based management interface to contain operating system commands. A successful exploit could allow the attacker to execute arbitrary operating system commands on the underlying operating system with the privileges of the web services user. Cisco has not yet released software updates that address this vulnerability. Show less
CVE-2022-46476 1Dlink 1Dir 859 A1 Firmware Jun 17, 2026 Jan 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function.
CVE-2023-0164 1Orangescrum 1Orangescrum Jun 17, 2026 Jan 18, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands on the server. This is possible because the application injects an attacker-controlled parameter into a system function.

Previous 1...159160161...299 Next