Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,954)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-26274 1Systeminformation 1Systeminformation Nov 21, 2024 Dec 16, 2020 N/A· v4 8.8 HIGH· v3 7.5 HIGH· v2 In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.
CVE-2020-7781 1Connection Tester Project 1Connection Tester Nov 21, 2024 Dec 16, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability:
CVE-2019-14479 1Adremsoft 1Netcrunch Nov 21, 2024 Dec 16, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read-only administrator can execute arbitrary code on the server running the NetCrunch server software.
CVE-2020-25618 1Solarwinds 1N Central Nov 21, 2024 Dec 16, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use o...Show more An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the sudoers file).Show less
CVE-2020-35476 1Opentsdb 1Opentsdb Nov 21, 2024 Dec 16, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via th...Show more A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.java attempted to prevent command injections by blocking backticks but this is insufficient.)Show less
CVE-2020-26259 4Apache DebianFedoraproject+1 more 4Debian Linux FedoraStruts+1 more May 23, 2025 Dec 16, 2020 N/A· v4 6.8 MEDIUM· v3 6.4 MEDIUM· v2 XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remo...Show more XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executing process has sufficient rights only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist running Java 15 or higher. No user is affected, who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories.Show less
CVE-2020-25759 1Dlink 10Dsr 1000 Firmware Dsr 1000ac FirmwareDsr 1000n Firmware+7 more Nov 21, 2024 Dec 15, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation...Show more An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests.Show less
CVE-2020-25757 1Dlink 10Dsr 1000 Firmware Dsr 1000ac FirmwareDsr 1000n Firmware+7 more Nov 21, 2024 Dec 15, 2020 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This...Show more A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17.Show less
CVE-2020-20184 1Liftoffsoftware 1Gateone Nov 21, 2024 Dec 14, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.
CVE-2020-5636 1Necplatforms 1Aterm Sa3500g Firmware Nov 21, 2024 Dec 14, 2020 N/A· v4 6.8 MEDIUM· v3 5.2 MEDIUM· v2 Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.
CVE-2020-5635 1Necplatforms 1Aterm Sa3500g Firmware Nov 21, 2024 Dec 14, 2020 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.
CVE-2020-28440 1Corenlp Js Interface Project 1Corenlp Js Interface Nov 21, 2024 Dec 11, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.
CVE-2020-28439 1Corenlp Js Prefab Project 1Corenlp Js Prefab Nov 21, 2024 Dec 11, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the followin...Show more This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:Show less
CVE-2020-15357 1Askey 1Ap5100w Firmware Nov 21, 2024 Dec 11, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.
CVE-2020-12149 1Arubanetworks 1Edgeconnect Enterprise Dec 12, 2024 Dec 11, 2020 N/A· v4 6.8 MEDIUM· v3 8.5 HIGH· v2 The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to...Show more The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.Show less
CVE-2020-12148 1Arubanetworks 1Edgeconnect Enterprise Dec 12, 2024 Dec 11, 2020 N/A· v4 6.8 MEDIUM· v3 8.5 HIGH· v2 A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the Edg...Show more A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of the target system. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to : 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.Show less
CVE-2020-7789 1Node Notifier Project 1Node Notifier Nov 21, 2024 Dec 11, 2020 N/A· v4 5.6 MEDIUM· v3 6.8 MEDIUM· v2 This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array.
CVE-2020-29311 1Ubilling 1Ubilling Nov 21, 2024 Dec 10, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.
CVE-2020-19527 1Idreamsoft 1Icms Nov 21, 2024 Dec 10, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
CVE-2020-19142 1Idreamsoft 1Icms Nov 21, 2024 Dec 10, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.

Previous 1...216217218...298 Next