CWE-78

5,889 CVEs • Abstraction: Base • Likelihood of Exploit: High

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVEs (5,889)

Columns: CVE, Vendors, Products, Updated, Published, CVSS

Vendors (1): Cisco
Products (1): Dpc3939 Firmware
Updated: May 13, 2026
Published: Jul 31, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 10.0 HIGH (v2)
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processor (AP) Linux system via shell metacharacters in commands.

Vendors (1): Appsec Labs
Products (1): Appuse
Updated: May 13, 2026
Published: Jul 25, 2017
CVSS: N/A (v4); 7.8 HIGH (v3); 7.2 HIGH (v2)
AppUse 4.0 allows shell command injection via a proxy field.

Vendors (1): Airlink101
Products (1): Skyipcam1620w Wireless N Mpeg4 3gpp Firmware
Updated: May 13, 2026
Published: Jul 25, 2017
CVSS: N/A (v4); 8.8 HIGH (v3); 9.0 HIGH (v2)
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.

Vendors (1): Airlive
Products (3): Bu 2015 Firmware, Bu 3026 Firmware, Md 3025 Firmware
Updated: May 13, 2026
Published: Jul 25, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 10.0 HIGH (v2)
cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an "&" (ampersand) in the write_mac, write_pid, write_msn, write_tan, or write_hdv parameter.

Vendors (1): Cisco
Products (1): Residential Gateway Firmware
Updated: May 13, 2026
Published: Jul 24, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 7.5 HIGH (v2)
On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is remote command execution via shell metacharacters in the pingAddr parameter to the waitPingqry.cgi URI. The command output is visible at /PingMsg.cmd.

Vendors (1): Sony
Products (1): Wg C10 Firmware
Updated: May 13, 2026
Published: Jul 22, 2017
CVSS: N/A (v4); 7.2 HIGH (v3); 9.0 HIGH (v2)
WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

Vendors (1): Barracuda
Products (1): Load Balancer Adc
Updated: May 13, 2026
Published: Jul 18, 2017
CVSS: N/A (v4); 8.8 HIGH (v3); 9.0 HIGH (v2)
A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability stems from unsanitized data being processed in a system call when the delete_assessment command is issued.

Vendors (1): Ibm
Products (1): Mq Appliance
Updated: May 13, 2026
Published: Jul 18, 2017
CVSS: N/A (v4); 8.8 HIGH (v3); 9.0 HIGH (v2)
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730.

Vendors (1): Cobiansoft
Products (1): Cobian Backup
Updated: May 13, 2026
Published: Jul 17, 2017
CVSS: N/A (v4); 8.1 HIGH (v3); 6.8 MEDIUM (v2)
Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks when the master server is spoofed. In addition, the attacker can execute system commands remotely by abusing pre-backup events.

Vendors (1): Akeneo
Products (1): Product Information Management
Updated: May 13, 2026
Published: Jul 17, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 7.5 HIGH (v2)
Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.

Vendors (1): Mcafee
Products (1): Advanced Threat Defense
Updated: May 13, 2026
Published: Jul 12, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 7.5 HIGH (v2)
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.

Vendors (1): Nfsen
Products (1): Nfsen
Updated: May 13, 2026
Published: Jul 10, 2017
CVSS: N/A (v4); 9.9 CRITICAL (v3); 9.0 HIGH (v2)
NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).

Vendors (1): Toshiba
Products (2): Hem Gw16a Firmware, Hem Gw26a Firmware
Updated: May 13, 2026
Published: Jul 7, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 10.0 HIGH (v2)
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

Vendors (1): Kddi
Products (1): Home Spot Cube 2 Firmware
Updated: May 13, 2026
Published: Jul 7, 2017
CVSS: N/A (v4); 8.8 HIGH (v3); 5.2 MEDIUM (v2)
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.

Vendors (1): Kddi
Products (1): Home Spot Cube 2 Firmware
Updated: May 13, 2026
Published: Jul 7, 2017
CVSS: N/A (v4); 8.0 HIGH (v3); 5.2 MEDIUM (v2)
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings.

Vendors (1): Cisco
Products (1): Ultra Services Framework Staging Server
Updated: May 13, 2026
Published: Jul 6, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 10.0 HIGH (v2)
A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability by crafting CLI command inputs to execute Linux shell commands as the root user. This vulnerability affects all releases of Cisco Ultra Services Framework Staging Server prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76673.

Vendors (1): Cisco
Products (1): Elastic Services Controller
Updated: May 13, 2026
Published: Jul 6, 2017
CVSS: N/A (v4); 8.8 HIGH (v3); 9.0 HIGH (v2)
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634.

Vendors (1): Cisco
Products (1): Staros
Updated: May 13, 2026
Published: Jul 6, 2017
CVSS: N/A (v4); 8.2 HIGH (v3); 7.2 HIGH (v2)
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.

Vendors (1): Ibm
Products (1): Security Guardium
Updated: May 13, 2026
Published: Jul 5, 2017
CVSS: N/A (v4); 9.9 CRITICAL (v3); 6.5 MEDIUM (v2)
IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 124633.

Vendors (1): Teltonika
Products (4): Rut900 Firmware, Rut905 Firmware, Rut950 Firmware, +1 more
Updated: May 13, 2026
Published: Jul 3, 2017
CVSS: N/A (v4); 9.8 CRITICAL (v3); 10.0 HIGH (v2)
The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request.