Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,949)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-10882 1Tp Link 1Ac1750 Firmware Nov 21, 2024 Mar 25, 2020 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerabil...Show more This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650.Show less
CVE-2020-5282 1Nick Chan Bot Project 1Nick Chan Bot Nov 21, 2024 Mar 25, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in versi...Show more In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in version 1.0.0-betaShow less
CVE-2020-10789 1It Novum 1Openitcockpit Nov 21, 2024 Mar 25, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php.
CVE-2020-5561 1Keijiban Tsumiki Project 1Keijiban Tsumiki Nov 21, 2024 Mar 25, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2020-5560 1Wl Enq Project 1Wl Enq Nov 21, 2024 Mar 25, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS commands with the administrative privilege via unspecified vectors.
CVE-2020-5556 1Shihonkanri Plus Goout Project 1Shihonkanri Plus Goout Nov 21, 2024 Mar 25, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2020-10879 1Rconfig 1Rconfig Nov 21, 2024 Mar 23, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
CVE-2019-19034 1Zohocorp 1Manageengine Assetexplorer Nov 21, 2024 Mar 23, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute...Show more Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.Show less
CVE-2016-11022 1Netgear 3Prosafe Wc7520 Firmware Prosafe Wc7600 FirmwareProsafe Wc9500 Firmware Nov 21, 2024 Mar 23, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.
CVE-2020-10818 1Articatech 1Artica Proxy Nov 21, 2024 Mar 22, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.
CVE-2020-10808 1Vestacp 1Vesta Control Panel Nov 21, 2024 Mar 22, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP ses...Show more Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters.Show less
CVE-2019-12767 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Mar 21, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.
CVE-2019-19148 1Tellabs 1Optical Line Terminal 1150 Firmware Nov 21, 2024 Mar 20, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. Tellabs has addressed this issue in the SR30.1 and SR31.1 release on February 18, 2020.
CVE-2019-19487 1Centreon 1Centreon Nov 21, 2024 Mar 20, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to achieve command injection via a plugin test.
CVE-2018-20334 1Asus 1Asuswrt Nov 21, 2024 Mar 20, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacke...Show more An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.Show less
CVE-2019-16072 1Netsas 1Enigma Network Management Solution Nov 21, 2024 Mar 20, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in...Show more An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action.Show less
CVE-2020-3266 1Cisco 1Sd Wan Firmware Nov 21, 2024 Mar 19, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient inpu...Show more A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.Show less
CVE-2020-10674 1Perlspeak Project 1Perlspeak Nov 21, 2024 Mar 18, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
CVE-2019-12132 1Onap 1Open Network Automation Platform Nov 21, 2024 Mar 18, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are aff...Show more An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.Show less
CVE-2019-12123 1Onap 1Open Network Automation Platform Nov 21, 2024 Mar 18, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsXml with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected.

Previous 1...232233234...298 Next