Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,949)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-10778 1Devcert Sanscache Project 1Devcert Sanscache Nov 21, 2024 Jan 8, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable `commonName` controlled by user input is used as part of the `exec` functi...Show more devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable `commonName` controlled by user input is used as part of the `exec` function without any sanitization.Show less
CVE-2019-17148 1Parallels 1Parallels Desktop Nov 21, 2024 Jan 7, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485). An attacker must first obtain the ability to execute low-privilege...Show more This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. Was ZDI-CAN-8685.Show less
CVE-2019-10776 1Git Diff Apply Project 1Git Diff Apply Nov 21, 2024 Jan 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2.
CVE-2019-20348 1Okerthai 1G232v1 Firmware Nov 21, 2024 Jan 6, 2020 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitr...Show more OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks.Show less
CVE-2019-19509 1Rconfig 1Rconfig Nov 21, 2024 Jan 6, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function withou...Show more An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.Show less
CVE-2016-11017 1Akips 1Network Monitor Nov 21, 2024 Jan 6, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt...Show more The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.Show less
CVE-2019-15979 1Cisco 1Data Center Network Manager Nov 21, 2024 Jan 6, 2020 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbit...Show more Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one.Show less
CVE-2019-15978 1Cisco 1Data Center Network Manager Nov 21, 2024 Jan 6, 2020 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbit...Show more Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one.Show less
CVE-2019-5987 1Anglers Net 1Cgi An Anlyzer Nov 21, 2024 Jan 6, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote authenticated attackers to execute arbitrary OS commands via the Management Page.
CVE-2012-5878 1Bulbsecurity 1Smartphone Pentest Framework Nov 21, 2024 Jan 3, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in fr...Show more Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.Show less
CVE-2012-5693 1Bulbsecurity 1Smartphone Pentest Framework Nov 21, 2024 Jan 3, 2020 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) guessPassword.pl in...Show more Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) guessPassword.pl in frameworkgui/; the filename parameter to (3) CSAttack.pl or (4) SEAttack.pl in frameworkgui/; the phNo2Attack parameter to (5) CSAttack.pl or (6) SEAttack.pl in frameworkgui/; the (7) platformDD2 parameter to frameworkgui/SEAttack.pl; the (8) agentURLPath or (9) agentControlKey parameter to frameworkgui/attach2agents.pl; or the (10) controlKey parameter to frameworkgui/attachMobileModem.pl. NOTE: The hostingPath parameter to CSAttack.pl and SEAttack.pl vectors and the appURLPath parameter to attachMobileModem.pl vector are covered by CVE-2012-5878.Show less
CVE-2020-5179 1Comtech 1Stampede Fx 1010 Firmware Jan 2, 2026 Jan 2, 2020 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address fiel...Show more Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)Show less
CVE-2019-20197 1Nagios 1Nagios Xi Nov 21, 2024 Dec 31, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
CVE-2019-3984 1Amazon 1Blink Xt2 Sync Module Firmware Nov 21, 2024 Dec 31, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.
CVE-2019-9197 1Unity3d 1Unity Editor Nov 21, 2024 Dec 31, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code.
CVE-2019-16790 1Prasathmani 1Tiny File Manager Dec 31, 2025 Dec 30, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
CVE-2019-17621 1Dlink 14Dir 818lx Firmware Dir 822 FirmwareDir 823 Firmware+11 more Nov 7, 2025 Dec 30, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE reque...Show more The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.Show less
CVE-2019-10774 1Php Shellcommand Project 1Php Shellcommand Nov 21, 2024 Dec 30, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-6014 1Dlink 1Dba 1510p Firmware Nov 21, 2024 Dec 26, 2019 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface.
CVE-2019-6013 1Dlink 1Dba 1510p Firmware Nov 21, 2024 Dec 26, 2019 N/A· v4 6.6 MEDIUM· v3 6.8 MEDIUM· v2 DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI).

Previous 1...241242243...298 Next