Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,964)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-21935 1Motorola 1Cx2 Firmware Nov 21, 2024 Jul 21, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
CVE-2021-32751 1Gradle 1Gradle Nov 21, 2024 Jul 20, 2021 N/A· v4 7.5 HIGH· v3 8.5 HIGH· v2 Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an atta...Show more Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. There are a few workarounds available. For CI/CD systems using the Gradle build tool, one may ensure that untrusted users are unable to change environment variables for the user that executes `gradlew`. If one is unable to upgrade to Gradle 7.2, one may generate a new `gradlew` script with Gradle 7.2 and use it for older versions of Gradle. Fpplications using start scripts generated by Gradle, one may ensure that untrusted users are unable to change environment variables for the user that executes the start script. A vulnerable start script could be manually patched to remove the use of `eval` or the use of environment variables that affect the application's command-line. If the application is simple enough, one may be able to avoid the use of the start scripts by running the application directly with Java command.Show less
CVE-2020-25206 1Mimosa 3B5 Firmware B5c FirmwareC5c Firmware Nov 21, 2024 Jul 20, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console accoun...Show more The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions.Show less
CVE-2021-22125 1Fortinet 1Fortisandbox Nov 21, 2024 Jul 20, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the...Show more An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file.Show less
CVE-2020-5322 1Dell 1Emc Openmanage Enterprise Modular Nov 21, 2024 Jul 19, 2021 N/A· v4 9.1 CRITICAL· v3 9.0 HIGH· v2 Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability t...Show more Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system.Show less
CVE-2020-29499 1Dell 1Emc Powerstore Nov 21, 2024 Jul 19, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to th...Show more Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.Show less
CVE-2021-32749 2Fail2ban Fedoraproject 2Fail2ban Fedora Nov 21, 2024 Jul 16, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code exec...Show more fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from mailutils package used in mail actions like `mail-whois` can execute command if unescaped sequences (`\n~`) are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action `mail-whois` or patch the vulnerability manually.Show less
CVE-2021-21819 1Dlink 1Dir 3040 Firmware Nov 21, 2024 Jul 16, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence...Show more A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.Show less
CVE-2020-19907 1Mitre 1Caldera Nov 21, 2024 Jul 12, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service.
CVE-2021-24015 1Fortinet 1Fortimail Nov 21, 2024 Jul 12, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorized commands via specif...Show more An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.Show less
CVE-2021-26106 1Fortinet 3Fortiap Fortiap SFortiap W2 Nov 21, 2024 Jul 9, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by...Show more An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments.Show less
CVE-2021-34616 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34615 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34613 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34612 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34614 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34611 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-34610 1Arubanetworks 1Clearpass Policy Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this s...Show more A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.Show less
CVE-2021-32534 1Qsan 1Sanos Nov 21, 2024 Jul 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved w...Show more QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0.Show less
CVE-2021-32533 1Qsan 1Sanos Nov 21, 2024 Jul 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with th...Show more The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0.Show less

Previous 1...201202203...299 Next