CWE-78
5,947 CVEs • Abstraction: Base • Likelihood of Exploit: High
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CVEs (5,947)
| VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS | CVE |
|---|---|---|---|---|---|
| | | | | | An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication. |
| | | | | | The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. |
| 1: Mediatek | 3: Mt6577 Firmware, Mt6625 Firmware, Mt8163 Firmware | Nov 21, 2024 | Aug 14, 2019 | v4: N/A; v3: 9.8 CRITICAL; v2: 10.0 HIGH | The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, beca... |
| 1: Cisco | 1: Enterprise Network Function Virtualization Infrastructure | Nov 21, 2024 | Aug 8, 2019 | v4: N/A; v3: 9.8 CRITICAL; v2: 10.0 HIGH | A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root pri... |
| 1: Cisco | 1: Enterprise Network Function Virtualization Infrastructure | Nov 21, 2024 | Aug 8, 2019 | v4: N/A; v3: 4.4 MEDIUM; v2: 2.1 LOW | Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For mor... |
| 1: Cisco | 1: Enterprise Network Function Virtualization Infrastructure | Nov 21, 2024 | Aug 8, 2019 | v4: N/A; v3: 4.4 MEDIUM; v2: 2.1 LOW | Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For mor... |
| 6: Canonical, Debian, Fedoraproject, +3 more | 8: Backports Sle, Debian Linux, Enterprise Linux Desktop, +5 more | Nov 21, 2024 | Aug 7, 2019 | v4: N/A; v3: 7.8 HIGH; v2: 5.1 MEDIUM | In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .dir... |
| 1: Microdigital | 3: Mdc N2190v Firmware, Mdc N4090 Firmware, Mdc N4090w Firmware | Nov 21, 2024 | Aug 6, 2019 | v4: N/A; v3: 9.8 CRITICAL; v2: 10.0 HIGH | An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Main... |
| | | | | | On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface al... |
| 1: Polycom | 1: Obihai Obi1022 Firmware | Nov 21, 2024 | Aug 1, 2019 | v4: N/A; v3: 8.0 HIGH; v2: 7.7 HIGH | On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated... |
| 1: Dlink | 2: 6600 Ap Firmware, Dwl 3600ap Firmware | Nov 21, 2024 | Aug 1, 2019 | v4: N/A; v3: 5.5 MEDIUM; v2: 2.1 LOW | An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequenc... |
| 1: Tridactyl Project | 1: Tridactyl | Nov 21, 2024 | Jul 29, 2019 | v4: N/A; v3: 7.5 HIGH; v2: 5.0 MEDIUM | Tridactyl before 1.16.0 allows fake key events. |
| | | | | | GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to b... |
| 1: Mcafee | 1: Data Loss Prevention Endpoint | Nov 21, 2024 | Jul 24, 2019 | v4: N/A; v3: 6.5 MEDIUM; v2: 4.4 MEDIUM | Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Administrator to execute arbitrary code w... |
| | | | | | PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or... |
| | | | | | Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is affected by: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command I... |
| | | | | | A command injection (missing input validation) issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the sam... |
| | | | | | A command injection (missing input validation) issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote... |
| | | | | | Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by in... |
| 1: Linuxfoundation | 1: Open Network Operating System | Nov 21, 2024 | Jul 19, 2019 | v4: N/A; v3: 9.8 CRITICAL; v2: 7.5 HIGH | The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. The impact is: A remote attacker can execute arbitrary commands on the controller. The component is: apps/yang... |