Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-47911 1Sewio 1Real Time Location System Studio Jun 17, 2026 Jan 18, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker...Show more Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. Show less
CVE-2022-43483 1Sewio 1Real Time Location System Studio Jun 17, 2026 Jan 18, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker...Show more Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands. Show less
CVE-2022-2251 1Gitlab 1Runner Jun 17, 2026 Jan 17, 2023 N/A· v4 8.0 HIGH· v3 N/A· v2 Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets anot...Show more Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user.Show less
CVE-2022-47853 1Totolink 1A7100ru Firmware Jun 17, 2026 Jan 17, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.
CVE-2023-22304 1Pixela 1Pix Rt100 Firmware Jun 17, 2026 Jan 17, 2023 N/A· v4 8.0 HIGH· v3 N/A· v2 OS command injection vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101 allows a network-adjacent attacker who can access product settings to execute an arbitrary OS command.
CVE-2023-22280 1Ate Mahoroba 3Maho Pbx Netdevancer Firmware Maho Pbx Netdevancer Mobilegate FirmwareMaho Pbx Netdevancer Vsg Firmware Jun 17, 2026 Jan 17, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated atta...Show more MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.Show less
CVE-2023-22279 1Ate Mahoroba 3Maho Pbx Netdevancer Firmware Maho Pbx Netdevancer Mobilegate FirmwareMaho Pbx Netdevancer Vsg Firmware Jun 17, 2026 Jan 17, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote unauthenticated at...Show more MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allow a remote unauthenticated attacker to execute an arbitrary OS command.Show less
CVE-2022-41955 1Autolabproject 1Autolab Jun 17, 2026 Jan 14, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remo...Show more Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab's MOSS functionality, whereby an instructor with access to the feature might be able to execute code on the server hosting Autolab. This vulnerability has been patched in version 2.10.0. As a workaround, disable the MOSS feature if it is unneeded by replacing the body of `run_moss` in `app/controllers/courses_controller.rb` with `render(plain: "Feature disabled", status: :bad_request) && return`.Show less
CVE-2022-21191 1Global Modules Path Project 1Global Modules Path Jun 17, 2026 Jan 13, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.
CVE-2022-42290 1Nvidia 1Dgx A100 Firmware Jun 17, 2026 Jan 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVE-2022-42289 1Nvidia 1Dgx A100 Firmware Jun 17, 2026 Jan 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVE-2022-42279 1Nvidia 1Dgx A100 Firmware Jun 17, 2026 Jan 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
CVE-2023-22598 1Inhandnetworks 2Inrouter302 Firmware Inrouter615 S Firmware Jun 17, 2026 Jan 12, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Comma...Show more InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). An unauthorized user with privileged access to the local web interface or the cloud account managing the affected devices could push a specially crafted configuration update file to gain root access. This could lead to remote code execution with root privileges. Show less
CVE-2022-48252 1Pi.alert Project 1Pi.alert Jun 17, 2026 Jan 11, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan.php (scan parameter) OS Command Injection.
CVE-2022-43390 1Zyxel 39Ax7501 B0 Firmware Dx3301 T0 FirmwareDx4510 B1 Firmware+36 more Jun 17, 2026 Jan 11, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted...Show more A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.Show less
CVE-2022-43973 1Linksys 1Wrt54gl Firmware Jun 17, 2026 Jan 9, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the constructi...Show more An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.Show less
CVE-2022-43971 1Linksys 1Wumc710 Firmware Jun 17, 2026 Jan 9, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the...Show more An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious GET or POST request to /setNTP.cgi to execute arbitrary commands on the underlying Linux operating system as root.Show less
CVE-2022-36926 1Zoom 1Rooms Jun 17, 2026 Jan 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
CVE-2022-25890 1Wifey Project 1Wifey Jun 17, 2026 Jan 9, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization.
CVE-2022-44149 1Nexxtsolutions 1Amp300 Firmware Jun 17, 2026 Jan 6, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authe...Show more The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is requiredShow less

Previous 1...160161162...299 Next