Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,893)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-6530 1Dlink 4Dir 860l Firmware Dir 865l FirmwareDir 868l Firmware+1 more Nov 7, 2025 Mar 6, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_R...Show more OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.Show less
CVE-2018-7664 1Clip Bucket 1Clipbucket Nov 21, 2024 Mar 5, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.
CVE-2018-1169 1Amazon 1Amazon Music Nov 21, 2024 Mar 2, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5521.Show less
CVE-2017-9274 1Opensuse 1Obs Service Source Validator Nov 21, 2024 Mar 1, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.
CVE-2015-4117 1Vestacp 1Control Panel Nov 21, 2024 Feb 28, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
CVE-2016-0291 1Ibm 1Bigfix Platform Nov 21, 2024 Feb 28, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302.
CVE-2018-7448 1Cmsmadesimple 1Cms Made Simple Nov 21, 2024 Feb 26, 2018 N/A· v4 7.5 HIGH· v3 8.5 HIGH· v2 Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installati...Show more Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure.Show less
CVE-2018-7440 2Debian Leptonica 2Debian Linux Leptonica Nov 21, 2024 Feb 23, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-...Show more An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836.Show less
CVE-2018-7046 1Kentico 1Xperience Dec 19, 2025 Feb 20, 2018 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit ->...Show more Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. NOTE: the vendor has responded that there is intended functionality for authorized users to edit and update ascx code layoutShow less
CVE-2018-7187 2Debian Golang 2Debian Linux Go Nov 21, 2024 Feb 16, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execu...Show more The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site.Show less
CVE-2017-14535 1Netfortris 1Trixbox Nov 21, 2024 Feb 16, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
CVE-2017-6230 1Ruckuswireless 2Smartzone Managed Access Point Firmware Solo Access Point Firmware Nov 21, 2024 Feb 14, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated v...Show more Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems.Show less
CVE-2017-6229 1Ruckuswireless 15H320 Firmware H510 FirmwareR310 Firmware+12 more Nov 21, 2024 Feb 14, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Comma...Show more Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.Show less
CVE-2018-6911 1Advantech 1Webaccess Nov 21, 2024 Feb 13, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
CVE-2018-6926 1Misp 1Misp Nov 21, 2024 Feb 12, 2018 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently...Show more In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.Show less
CVE-2018-1000043 1Securityonion 1Squert Nov 21, 2024 Feb 9, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result i...Show more Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the txdata parameter, used in tx()/transcript(), or the catdata parameter, used in cat(). This vulnerability appears to have been fixed in 1.7.0.Show less
CVE-2018-1000042 1Securityonion 1Squert Nov 21, 2024 Feb 9, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result i...Show more Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the data or obj parameters, used in autocat(). This vulnerability appears to have been fixed in 1.7.0.Show less
CVE-2018-1000019 1Open Emr 1Openemr Nov 21, 2024 Feb 9, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in...Show more OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.Show less
CVE-2018-0514 1Futomi 1Mp Form Mail Cgi Nov 21, 2024 Feb 8, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0512 1Iodata 45Bx Vp1 Firmware Gv Ntx1 FirmwareGv Ntx2 Firmware+42 more Nov 21, 2024 Feb 8, 2018 N/A· v4 6.8 MEDIUM· v3 7.7 HIGH· v2 Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Previous 1...273274275...295 Next