Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,947)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-16130 1Mi 1Miwifi Os Nov 21, 2024 Nov 27, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter.
CVE-2018-14893 1Zyxel 1Nsa325 V2 Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.
CVE-2018-13316 1Totolink 1A3002ru Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.
CVE-2018-13314 1Totolink 1A3002ru Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.
CVE-2018-13307 1Totolink 1A3002ru Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable.
CVE-2018-13306 1Totolink 1A3002ru Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.
CVE-2018-13023 1Mi 1Miwifi Os Nov 21, 2024 Nov 27, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter.
CVE-2018-16090 1Lenovo 1System Management Module Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 7.5 HIGH· v3 6.0 MEDIUM· v2 In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection.
CVE-2018-16089 1Lenovo 1System Management Module Firmware Nov 21, 2024 Nov 27, 2018 N/A· v4 7.5 HIGH· v3 8.5 HIGH· v2 In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
CVE-2018-13320 1Buffalo 1Ts5600d1206 Firmware Nov 21, 2024 Nov 26, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.
CVE-2018-13318 1Buffalo 1Ts5600d1206 Firmware Nov 21, 2024 Nov 26, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.
CVE-2018-13311 1Totolink 1A3002ru Firmware Nov 21, 2024 Nov 26, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter.
CVE-2018-11077 2Dell Vmware 3Emc Avamar Emc Integrated Data Protection ApplianceVsphere Data Protection Nov 21, 2024 Nov 26, 2018 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS...Show more 'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially be able to execute arbitrary commands under root privilege.Show less
CVE-2018-18859 1Liquidvpn 1Liquidvpn Nov 21, 2024 Nov 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS comma...Show more Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the value of the "tun_path" or "tap_path" pathname in a kextload() call.Show less
CVE-2018-18858 1Liquidvpn 1Liquidvpn Nov 21, 2024 Nov 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS comma...Show more Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "tun_path" or "tap_path" pathname within a shell command.Show less
CVE-2018-18857 1Liquidvpn 1Liquidvpn Nov 21, 2024 Nov 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS comma...Show more Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "command_line" parameter as a shell command.Show less
CVE-2018-18856 1Liquidvpn 1Liquidvpn Nov 21, 2024 Nov 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS comma...Show more Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "openvpncmd" parameter as a shell command.Show less
CVE-2018-9086 1Lenovo 4Thinkserver Rd340 Firmware Thinkserver Rd440 FirmwareThinkserver Rd640 Firmware+1 more Nov 21, 2024 Nov 16, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can onl...Show more In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.Show less
CVE-2018-0694 1Soliton 1Filezen Nov 21, 2024 Nov 15, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-15711 1Nagios 1Nagios Xi Nov 21, 2024 Nov 14, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.

Previous 1...263264265...298 Next