CWE-78

5,954 CVEs • Abstraction: Base • Likelihood of Exploit: High

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.


CVEs (5,954)

Columns: CVE · Vendors · Products · Updated · Published · CVSS (v4 / v3 / v2) · Description
Vendors (1): Draytek
Products (1): Vigor2960 Firmware
Updated: Nov 21, 2024 · Published: Dec 31, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.
Vendors (1): Usvn
Products (1): Usvn
Updated: Nov 21, 2024 · Published: Dec 31, 2020
CVSS: v4 N/A · v3 9.9 CRITICAL · v2 9.0 HIGH
USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.
Vendors (1): Netgear
Products (1): Nms300 Firmware
Updated: Nov 21, 2024 · Published: Dec 30, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.
Vendors (1): Amino
Products (6): Ak45x Firmware, Ak5xx Firmware, Ak65x Firmware, +3 more
Updated: Nov 21, 2024 · Published: Dec 30, 2020
CVSS: v4 N/A · v3 8.1 HIGH · v2 9.3 HIGH
Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges.
Vendors (1): Amino
Products (6): Ak45x Firmware, Ak5xx Firmware, Ak65x Firmware, +3 more
Updated: Nov 21, 2024 · Published: Dec 30, 2020
CVSS: v4 N/A · v3 9.9 CRITICAL · v2 9.0 HIGH
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges.
Vendors (1): Qnap
Products (2): Qts, Quts Hero
Updated: Nov 21, 2024 · Published: Dec 29, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.
Vendors (1): Klogserver
Products (1): Klog Server
Updated: Nov 21, 2024 · Published: Dec 27, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
Vendors (1): Linksys
Products (1): Re6500 Firmware
Updated: Nov 21, 2024 · Published: Dec 26, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.0 HIGH
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.
Vendors (1): Linksys
Products (1): Re6500 Firmware
Updated: Nov 21, 2024 · Published: Dec 26, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
Vendors (1): Linksys
Products (1): Re6500 Firmware
Updated: Nov 21, 2024 · Published: Dec 26, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
Vendors (1): Terra Master
Products (1): Tos
Updated: Nov 21, 2024 · Published: Dec 24, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to inject OS commands via /include/makecvs.php in the Event parameter.
Vendors (1): Terra Master
Products (1): Terramaster Operating System
Updated: Nov 21, 2024 · Published: Dec 23, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
Vendors (1): Urve
Products (1): Urve
Updated: Nov 21, 2024 · Published: Dec 23, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
Vendors (1): Dlink
Products (1): Dsl2888a Firmware
Updated: Nov 21, 2024 · Published: Dec 22, 2020
CVSS: v4 N/A · v3 8.0 HIGH · v2 7.7 HIGH
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It contains an execute_cmd.cgi feature (that is not reachable via the web user interface) that lets an authenticated user execute Operating System commands.
Vendors (1): Gohugo
Products (1): Hugo
Updated: Nov 21, 2024 · Published: Dec 21, 2020
CVSS: v4 N/A · v3 8.5 HIGH · v2 8.5 HIGH
Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, if a malicious file with the same name (`exe` or `bat`) is found in the current working directory at the time of running `hugo`, the malicious command will be invoked instead of the system one. Windows users who run `hugo` inside untrusted Hugo sites are affected. Users should upgrade to Hugo v0.79.1. Other than avoiding untrusted Hugo sites, there is no workaround.
Vendors (1): Webmin
Products (1): Webmin
Updated: Nov 21, 2024 · Published: Dec 21, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.0 HIGH
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
Vendors (1): Xinuos
Products (1): Openserver
Updated: Nov 21, 2024 · Published: Dec 18, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
Vendors (1): Wago
Products (5): Pfc 100 Firmware, Pfc 200 Firmware, Touch Panel 600 Advanced Firmware, +2 more
Updated: Nov 21, 2024 · Published: Dec 17, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
Vendors (1): Trendmicro
Products (1): Interscan Web Security Virtual Appliance
Updated: Nov 21, 2024 · Published: Dec 17, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.
Vendors (1): Logrhythm
Products (1): Platform Manager
Updated: Nov 21, 2024 · Published: Dec 17, 2020
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 10.0 HIGH
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem privileges.