CWE-78

5,953 CVEs • Abstraction: Base • Likelihood of Exploit: High

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,953). Each entry lists: CVE, Vendors, Products, Updated, Published, CVSS (v4 / v3 / v2), Description.
Vendors (1): Codecov
Products (1): Codecov
Updated: Nov 21, 2024
Published: Jul 20, 2020
CVSS: N/A (v4) · 9.3 CRITICAL (v3) · 6.8 MEDIUM (v2)
Description: In codecov (npm package) before version 3.7.1 the upload method has a command injection vulnerability. Clients of the codecov-node library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. A similar CVE (CVE-2020-7597 for GHSA-5q88-cjfq-g2mh) was issued but the fix was incomplete. It only blocked &, and command injection is still possible using backticks instead to bypass the sanitizer. The attack surface is low in this case, particularly in the standard use of codecov, where the module is used directly in a build pipeline, not built against as a library in another application that may supply malicious input and perform command injection.
Vendors (2): Fedoraproject, Radare
Products (2): Fedora, Radare2
Updated: Nov 21, 2024
Published: Jul 20, 2020
CVSS: N/A (v4) · 9.6 CRITICAL (v3) · 6.8 MEDIUM (v2)
Description: In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it is required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
Vendors (1): Hp
Products (1): Nagios Plugins Hpilo
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2)
Description: HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and earlier) has a PHP code injection vulnerability.
Vendors (1): Grandstream
Products (3): Ucm6202 Firmware, Ucm6204 Firmware, Ucm6208 Firmware
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted "unset" command.
Vendors (1): Grandstream
Products (3): Ucm6202 Firmware, Ucm6204 Firmware, Ucm6208 Firmware
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 9.0 HIGH (v2)
Description: Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API.
Vendors (1): Grandstream
Products (3): Ucm6202 Firmware, Ucm6204 Firmware, Ucm6208 Firmware
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's "New" HTTPS API.
Vendors (1): Grandstream
Products (1): Gwn7000 Firmware
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 9.0 HIGH (v2)
Description: Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via an undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router.
Vendors (1): Tobesoft
Products (1): Miplatform
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote commands by sending parameters to the WinExec function in the ExtCommandApi.dll module of MiPlatform.
Vendors (1): Apache
Products (1): Airflow
Updated: Nov 21, 2024
Published: Jul 17, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2)
Description: An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the broker (Redis, RabbitMQ) directly, it is possible to inject commands, resulting in the celery worker running arbitrary commands.
Vendors (1): Apache
Products (1): Airflow
Updated: Oct 23, 2025
Published: Jul 17, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 6.5 MEDIUM (v2)
Description: An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running the airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.
Vendors (1): Cisco
Products (4): Rv110w Wireless N Vpn Firewall Firmware, Rv130 Vpn Router Firmware, Rv130w Wireless N Multifunction Vpn Router Firmware (+1 more)
Updated: Nov 21, 2024
Published: Jul 16, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 9.0 HIGH (v2)
Description: A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary shell commands or scripts with root privileges on the affected device.
Vendors (1): Gpononu
Products (2): 1ge+3fe+wifi Onu V2804rgw Firmware, 1ge Router Wifi Onu V2801rw Firmware
Updated: Nov 21, 2024
Published: Jul 15, 2020
CVSS: N/A (v4) · 7.2 HIGH (v3) · 9.0 HIGH (v2)
Description: Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field.
Vendors (1): Jison Project
Products (1): Jison
Updated: Nov 21, 2024
Published: Jul 15, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.
Vendors (1): Ipear Project
Products (1): Ipear
Updated: Nov 21, 2024
Published: Jul 14, 2020
CVSS: N/A (v4) · 5.4 MEDIUM (v3) · 5.5 MEDIUM (v2)
Description: In iPear, the manual execution of the eval() function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear, which may change, damage, or steal data (files) from the PC.
Vendors (1): Rittal
Products (5): Cmc Iii Pu 7030.000 Firmware, Cmciii Pu 9333e0fb Firmware, Iot Interface 3124.300 (+2 more)
Updated: Nov 21, 2024
Published: Jul 14, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 9.0 HIGH (v2)
Description: An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMCIII-PU-9333E0FB through 3.15.70_4 devices. Attackers can execute code.
Vendors (1): Ibm
Products (1): Qradar Security Information And Event Manager
Updated: Nov 21, 2024
Published: Jul 14, 2020
CVSS: N/A (v4) · 7.2 HIGH (v3) · 6.5 MEDIUM (v2)
Description: IBM QRadar SIEM 7.3 and 7.4 could allow a remote privileged user to execute commands.
Vendors (1): Apache
Products (1): Kylin
Updated: Nov 21, 2024
Published: Jul 14, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: Similar to CVE-2020-1956, Kylin has one more RESTful API which concatenates the API inputs into OS commands and then executes them on the server; the reported API misses necessary input validation, which gives attackers the possibility to execute OS commands remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0.
Vendors (1): Tenda
Products (1): Ac15 Firmware
Updated: Nov 7, 2025
Published: Jul 13, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 10.0 HIGH (v2)
Description: The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
Vendors (1): Devcert Project
Products (1): Devcert
Updated: Nov 21, 2024
Published: Jul 10, 2020
CVSS: N/A (v4) · 9.8 CRITICAL (v3) · 7.5 HIGH (v2)
Description: A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function.
Vendors (1): Dlink
Products (1): Dir 610 Firmware
Updated: Nov 10, 2025
Published: Jul 9, 2020
CVSS: N/A (v4) · 8.8 HIGH (v3) · 6.5 MEDIUM (v2)
Description: D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.