Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-26290 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac.
CVE-2022-26289 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/exeCommand.
CVE-2022-22951 1Vmware 1Carbon Black App Control Nov 21, 2024 Mar 23, 2022 N/A· v4 9.1 CRITICAL· v3 9.0 HIGH· v2 VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious act...Show more VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.Show less
CVE-2022-1030 1Okta 1Advanced Server Access Nov 21, 2024 Mar 23, 2022 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the vict...Show more Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system.Show less
CVE-2021-27476 1Rockwellautomation 1Factorytalk Assetcentre Nov 21, 2024 Mar 23, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in R...Show more A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier.Show less
CVE-2022-24237 1Snapt 1Aria Nov 21, 2024 Mar 21, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands.
CVE-2021-36100 1Otrs 3Otrs Otrs ItsmOtrs Storm Nov 21, 2024 Mar 21, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Specially crafted string in OTRS system configuration can allow the execution of any system command.
CVE-2022-26265 1Contao 1Contao Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter.
CVE-2022-25441 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function.
CVE-2022-25438 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
CVE-2021-45966 1Pascom 1Cloud Phone System Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.
CVE-2021-23632 1Git Project 1Git Nov 21, 2024 Mar 17, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 All versions of package git are vulnerable to Remote Code Execution (RCE) due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Crea...Show more All versions of package git are vulnerable to Remote Code Execution (RCE) due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Create a file named exploit.js with the following content: js var Git = require("git").Git; var repo = new Git("repo-test"); var user_input = "version; date"; repo.git(user_input, function(err, result) { console.log(result); }) 2. In the same directory as exploit.js, run npm install git. 3. Run exploit.js: node exploit.js. You should see the outputs of both the git version and date command-lines. Note that the repo-test Git repository does not need to be present to make this PoC work.Show less
CVE-2022-22273 1Sonicwall 9Sma 200 Firmware Sma 210 FirmwareSma 400 Firmware+6 more Nov 21, 2024 Mar 17, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series pro...Show more Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versionsShow less
CVE-2022-27005 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability all...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-27004 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-27003 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability al...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-26994 1Arris 3Sbr Ac1200p Firmware Sbr Ac1900p FirmwareSbr Ac3200p Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. Thi...Show more Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-26993 1Arris 3Sbr Ac1200p Firmware Sbr Ac1900p FirmwareSbr Ac3200p Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Serv...Show more Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-26992 1Arris 3Sbr Ac1200p Firmware Sbr Ac1900p FirmwareSbr Ac3200p Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword...Show more Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-26991 1Arris 3Sbr Ac1200p Firmware Sbr Ac1900p FirmwareSbr Ac3200p Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows...Show more Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less

Previous 1...185186187...299 Next