Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,949)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-19642 1Supermicro 2X8sti F Bios X8sti F Firmware Nov 21, 2024 Dec 8, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires...Show more On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor.Show less
CVE-2019-19609 1Strapi 1Strapi Nov 21, 2024 Dec 5, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject...Show more The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.Show less
CVE-2019-19469 1Zmanda 1Amanda Nov 21, 2024 Dec 1, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
CVE-2011-2523 2Debian Vsftpd Project 2Debian Linux Vsftpd Nov 21, 2024 Nov 27, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
CVE-2019-18184 1Crestron 1Dmc Stro Firmware Nov 21, 2024 Nov 27, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function.
CVE-2017-12945 1Mersive 1Solstice Firmware Nov 21, 2024 Nov 27, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root.
CVE-2019-15298 1Centreon 1Centreon Web Nov 21, 2024 Nov 27, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administrat...Show more A problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filing form. At the time of submission of a file, the mnftr parameter is sent to the page and is not filtered properly. This allows one to inject Linux commands directly.Show less
CVE-2019-16242 1Alcatelmobile 1Cingular Flip 2 Firmware Nov 21, 2024 Nov 26, 2019 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to...Show more On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.Show less
CVE-2019-12489 1Fastweb 1Askey Rtv1907vw Firmware Nov 21, 2024 Nov 26, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & c...Show more An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter.Show less
CVE-2019-15997 1Cisco 1Dna Spaces\ Nov 21, 2024 Nov 26, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerabili...Show more A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command. An attacker could exploit this vulnerability by including malicious input during the execution of the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as root.Show less
CVE-2019-15996 1Cisco 1Dna Spaces\ Nov 21, 2024 Nov 26, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to ins...Show more A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions to modify sensitive files. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.Show less
CVE-2019-15986 1Cisco 1Unity Express Nov 21, 2024 Nov 26, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need va...Show more A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input validation for certain CLI commands that are executed on a vulnerable system. An attacker could exploit this vulnerability by logging in to the system and sending crafted CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.Show less
CVE-2019-18910 1Hp 1Thinpro Nov 21, 2024 Nov 22, 2019 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
CVE-2019-18909 1Hp 1Thinpro Nov 21, 2024 Nov 22, 2019 N/A· v4 8.0 HIGH· v3 7.7 HIGH· v2 The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.
CVE-2019-5072 1Tendacn 1Ac9v1.0 Firmware Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially cr...Show more An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.Show less
CVE-2019-5071 1Tendacn 1Ac9v1.0 Firmware Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially cr...Show more An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.Show less
CVE-2019-17650 1Fortinet 1Forticlient Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized...Show more An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.Show less
CVE-2019-18934 3Fedoraproject NlnetlabsOpensuse 3Fedora LeapUnbound Nov 21, 2024 Nov 19, 2019 N/A· v4 7.3 HIGH· v3 6.8 MEDIUM· v2 Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--ena...Show more Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.Show less
CVE-2019-19117 1Phicomm 1K2(psg1218) Firmware Nov 21, 2024 Nov 18, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.
CVE-2019-19041 1Xorur 2Lpar2rrd Stor2rrd Nov 21, 2024 Nov 17, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade package...Show more An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by the underlying system. It is possible to achieve this by modifying the values in the files.SUM file (which are used for integrity control) and injecting malicious code into the upgrade.sh file.Show less

Previous 1...243244245...298 Next