Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,947)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-3412 1Zte 1Mf920 Firmware Nov 21, 2024 Jun 11, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary commands through specific...Show more All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary commands through specific interfaces.Show less
CVE-2019-3409 1Zte 1Wf820+ Lte Outdoor Cpe Firmware Nov 21, 2024 Jun 11, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulne...Show more All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user terminal system.Show less
CVE-2019-12787 1Dlink 1Dir 818l(w) Firmware Nov 21, 2024 Jun 10, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the Gateway key.
CVE-2019-12780 1Belkin 1Crock Pot Smart Slow Cooker With Wemo Firmware Nov 21, 2024 Jun 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to exec...Show more The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication.Show less
CVE-2018-10702 1Moxa 1Awk 3121 Firmware Nov 21, 2024 Jun 7, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to ex...Show more An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_filename" is susceptible to command injection via shell metacharacters.Show less
CVE-2018-10699 1Moxa 1Awk 3121 Firmware Nov 21, 2024 Jun 7, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However,...Show more An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_privatePass" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.Show less
CVE-2018-10697 1Moxa 1Awk 3121 Firmware Nov 21, 2024 Jun 7, 2019 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functio...Show more An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.Show less
CVE-2018-5265 1Ui 1Edgeos Nov 21, 2024 Jun 7, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does...Show more Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.Show less
CVE-2019-12771 1Thinstation Project 1Thinstation Nov 21, 2024 Jun 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi-bin/CdControl.cgi action= substring, or after the cgi-bin/VolControl.cgi OK= substring.
CVE-2019-9156 1Gemalto 1Ezio Ds3 Server Nov 21, 2024 Jun 5, 2019 N/A· v4 8.0 HIGH· v3 5.2 MEDIUM· v2 Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection.
CVE-2019-12739 1Nextcloud 1Extract Nov 21, 2024 Jun 5, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameter...Show more lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php (nameOfFile and directory parameters).Show less
CVE-2019-12735 2Neovim Vim 2Neovim Vim Nov 11, 2025 Jun 5, 2019 N/A· v4 8.6 HIGH· v3 9.3 HIGH· v2 getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input...Show more getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.Show less
CVE-2019-10149 3Canonical DebianExim 3Debian Linux EximUbuntu Linux Nov 6, 2025 Jun 5, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
CVE-2019-10883 1Citrix 2Citrix Sd Wan Center Netscaler Sd Wan Center Nov 21, 2024 Jun 3, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow Command Injection.
CVE-2019-6739 1Malwarebytes 1Antimalware Nov 21, 2024 Jun 3, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711. User interaction is required to exploit this vulnerability in that the target must...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the way the product handles URIs within certain schemes. The product does not warn the user that a dangerous navigation is about to take place. Because special characters in the URI are not sanitized, this could lead to the execution of arbitrary commands. An attacker can leverage this vulnerability to execute code in the context of the current user at medium integrity. Was ZDI-CAN-7162.Show less
CVE-2019-6738 1Bitdefender 1Safepay Nov 21, 2024 Jun 3, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIScript. When processing the launch method the application does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability execute code in the context of the current process. Was ZDI-CAN-7250.Show less
CVE-2019-6736 1Bitdefender 1Safepay Nov 21, 2024 Jun 3, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of tiscript. When processing the System.Exec method the application does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7234.Show less
CVE-2019-12585 2Apcupsd Netgate 2Apcupsd Pfsense Nov 21, 2024 Jun 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
CVE-2019-9653 1Nuuo 1Network Video Recorder Firmware Nov 21, 2024 May 31, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.
CVE-2019-10048 1Pydio 1Pydio Nov 21, 2024 May 31, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 The ImageMagick plugin that is installed by default in Pydio through 8.2.2 does not perform the appropriate validation and sanitization of user supplied input in the plugin's configuration options, allowing arbitrary she...Show more The ImageMagick plugin that is installed by default in Pydio through 8.2.2 does not perform the appropriate validation and sanitization of user supplied input in the plugin's configuration options, allowing arbitrary shell commands to be entered that result in command execution on the underlying operating system, with the privileges of the local user running the web server. The attacker must be authenticated into the application with an administrator user account in order to be able to edit the affected plugin configuration.Show less

Previous 1...253254255...298 Next