Skip to main content

Command Injection

7746 CVEs technique

Monthly

CVE-2025-60675 MEDIUM POC This Month

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2025-60673 MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 878 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-60672 MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 878 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-60701 MEDIUM POC This Week

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-60700 MEDIUM POC This Week

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `librcm.so` binaries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-60698 HIGH POC This Month

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
CVSS 3.1
7.3
EPSS
0.5%
CVE-2025-60697 HIGH POC This Month

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
CVSS 3.1
7.3
EPSS
0.5%
CVE-2025-60671 MEDIUM POC This Month

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2025-20349 MEDIUM This Month

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Catalyst Center
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2025-60689 MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linksys Command Injection E1200 Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-60687 MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binary (sub_41EC68 function). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lr1200Gb Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
7.1%
CVE-2025-60683 MEDIUM POC THREAT This Month

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4 function that handles network interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

Command Injection A720R Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
10.3%
CVE-2025-60682 MEDIUM POC This Month

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specifically in the sub_402414 function that handles cloud. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A720R Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2025-12763 PyPI MEDIUM PATCH This Month

pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Microsoft Pgadmin 4 Windows Suse
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-46428 HIGH This Month

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection RCE Smartfabric Os10
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-46427 HIGH This Month

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Smartfabric Os10
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-62222 HIGH This Month

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Github Copilot Chat
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-62214 MEDIUM This Month

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Command Injection Visual Studio 2022
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-57695 HIGH POC This Month

An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Outpost Security Suite
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2025-9223 HIGH This Month

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2025-6779 MEDIUM This Month

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Privilege Escalation Axis Os
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-42892 MEDIUM This Month

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Command Injection Business Connector
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-63296 MEDIUM POC This Week

KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup /usr/sbin/anyka_service.sh scans mounted TF/SD. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Kerui K259 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-12155 HIGH This Month

A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Command Injection
NVD
CVSS 4.0
7.1
EPSS
0.7%
CVE-2025-12916 LOW POC Monitor

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD VulDB
CVSS 4.0
2.1
EPSS
0.5%
CVE-2025-10230 CRITICAL POC PATCH Act Now

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 3.1
10.0
EPSS
0.3%
CVE-2025-64328 HIGH POC KEV THREAT Act Now

FreePBX Endpoint Manager contains a post-authentication command injection via the testconnection/check_ssh_connect function, allowing authenticated users to execute OS commands.

Command Injection Firestore
NVD GitHub
CVSS 4.0
8.6
EPSS
81.9%
Threat
7.2
CVE-2025-11546 CRITICAL This Week

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-12489 HIGH This Month

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE Privilege Escalation
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-34239 HIGH This Month

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Webaccess Vpn
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2022-50596 CRITICAL Act Now

D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.2% and no vendor patch available.

D-Link Command Injection Dir 1260 Firmware
NVD
CVSS 4.0
9.3
EPSS
13.2%
CVE-2025-63334 CRITICAL POC PATCH Act Now

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection RCE Pocketvj Control Panel Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-46365 MEDIUM This Month

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink. Rated medium severity (CVSS 5.3). No vendor patch available.

Dell Command Injection Cloudlink D-Link
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-45379 HIGH This Month

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink D-Link
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2025-45378 CRITICAL This Week

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Authentication Bypass Cloudlink D-Link
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-30479 HIGH This Month

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink D-Link
NVD
CVSS 3.1
8.4
EPSS
0.8%
CVE-2025-61304 CRITICAL POC Act Now

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Activegate Ping Extension
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-10622 HIGH PATCH This Month

A flaw was found in Red Hat Satellite (Foreman component). Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Red Hat
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-64109 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-64106 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Cursor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-11953 npm CRITICAL POC KEV PATCH THREAT Act Now

React Native Metro Development Server binds to external interfaces by default and contains an OS command injection endpoint, allowing unauthenticated network attackers to execute arbitrary code.

Command Injection Microsoft React Native Community Cli Windows Red Hat
NVD GitHub
CVSS 3.1
9.8
EPSS
3.4%
CVE-2024-51317 MEDIUM POC This Week

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Netsurf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-12313 LOW POC Monitor

Command injection in D-Link DI-7001 MINI firmware versions 19.09.19A1 and 24.04.18B1 allows authenticated remote attackers to execute arbitrary commands via the cmd parameter in /msp_info.htm. The vulnerability has a public exploit available, though the extremely low CVSS score (2.1) and EPSS percentile (24th) indicate limited real-world exploitability despite network accessibility, as exploitation requires valid login credentials and results in low-impact information disclosure rather than system compromise.

Command Injection D-Link Di 7001Mini 8G Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-12296 LOW POC Monitor

OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.

Command Injection D-Link Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-47901 HIGH This Week

OS command injection in Microchip TimeProvider 4100 Grandmaster (firmware versions before 2.5) allows authenticated attackers on adjacent networks to execute arbitrary system commands with high privileges, leading to complete device compromise. The vulnerability requires low attack complexity and low privileges, with exploitation probability at 0.28% (EPSS), indicating moderate real-world risk. No public exploit identified at time of analysis, but the adjacent network requirement and low complexity make this readily exploitable in targeted attacks against time synchronization infrastructure.

Command Injection Timeprovider 4100 Firmware
NVD
CVSS 4.0
8.9
EPSS
0.3%
CVE-2025-47900 HIGH This Week

OS command injection in Microchip TimeProvider 4100 Grandmaster allows authenticated adjacent network attackers to execute arbitrary system commands with elevated privileges on firmware versions prior to 2.5. The vulnerability requires low attack complexity and low privileges, enabling complete compromise of device confidentiality, integrity, and availability. EPSS exploitation probability is low (0.28%, 51st percentile) with no public exploit identified at time of analysis, though the straightforward attack vector presents significant risk to network time infrastructure in enterprise environments.

Command Injection Timeprovider 4100 Firmware
NVD
CVSS 4.0
8.9
EPSS
0.3%
CVE-2025-34267 npm HIGH POC PATCH This Week

Authenticated remote code execution in FlowiseAI Flowise (v3.0.1 up to but not including 3.0.8, and later versions when 'ALLOW_BUILTIN_DEP' is enabled) lets a logged-in user break out of the nodevm sandbox by abusing the bundled Puppeteer and Playwright modules. Because a custom tool can specify an attacker-controlled browser binary path and launch parameters, executing that tool runs an arbitrary executable on the host outside the intended sandbox, yielding code execution in the host context. Publicly available exploit code exists; the flaw is not listed in CISA KEV, and it was mis-filed by the vendor as a duplicate of CVE-2025-26319 but is distinct.

RCE Command Injection Flowise
NVD GitHub
CVSS 4.0
8.4
EPSS
6.1%
CVE-2025-60838 MEDIUM This Month

Arbitrary file upload in Mingsoft MCMS v6.0.1 enables remote code execution on the underlying server by uploading a crafted file - likely a JSP web shell - to a reachable endpoint. The NVD-assigned CVSS score of 6.5 with C:L/I:L impact subscores is materially inconsistent with the stated code execution impact, and this discrepancy should be independently verified. No public exploit has been confirmed as actively exploited per CISA KEV, though a Gist-based reference in NVD data may represent a proof-of-concept; EPSS is low at 0.28% (20th percentile), suggesting no widespread scanning or exploitation observed at time of analysis.

Command Injection File Upload RCE Mcms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-4615 MEDIUM This Month

Improper input neutralization in Palo Alto Networks PAN-OS management web interface allows authenticated high-privilege administrators to bypass system restrictions and execute arbitrary commands through command injection. The vulnerability affects PAN-OS across multiple versions (specific version ranges not independently confirmed from provided data), with a low EPSS exploitation probability (0.06%, 17th percentile) and no confirmed active exploitation or public proof-of-concept. Risk is significantly reduced when CLI access is restricted to a limited administrator group; Cloud NGFW and Prisma Access are unaffected.

Paloalto RCE Authentication Bypass Command Injection Pan Os
NVD VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-11523 LOW POC Monitor

Command injection in Tenda AC7 firmware 15.03.06.44 via the /goform/AdvSetLanip endpoint allows authenticated remote attackers to execute arbitrary commands with low impact on confidentiality, integrity, and availability. The vulnerability requires valid login credentials (PR:L) and affects the lanIp parameter. Publicly available exploit code exists, and EPSS scoring of 0.39% indicates low real-world exploitation probability despite public POC availability.

Tenda Command Injection Ac7 Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2025-57457 HIGH This Week

OS command injection in the Curo UC300 (firmware 5.42.1.7.1.63R1) unified communications device lets an authenticated attacker with admin-panel access run arbitrary operating-system commands by injecting shell metacharacters into the "IP Addr" parameter. Successful exploitation yields full command execution on the underlying device (high confidentiality, integrity, and availability impact). A public GitHub repository referenced by NVD indicates publicly available exploit code exists, though the flaw is not listed in CISA KEV and its EPSS probability is modest (1.15%, 63rd percentile).

Command Injection
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2025-11491 LOW POC Monitor

OS command injection in DesktopCommanderMCP up to version 0.2.13 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the CommandManager function in src/command-manager.ts. The vulnerability has a low CVSS score (2.1) due to authentication requirement and limited scope, but publicly available exploit code exists and the low EPSS score (0.14th percentile) suggests real-world exploitation risk is minimal despite public POC availability.

Command Injection Desktopcommandermcp
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-11490 LOW POC Monitor

OS command injection in DesktopCommanderMCP up to version 0.2.13 allows authenticated remote attackers to execute arbitrary operating system commands via the extractBaseCommand function in src/command-manager.ts when processing absolute file paths. The vulnerability requires authentication and has limited real-world impact scope, reflected in a low CVSS score of 2.1 and EPSS of 0.15%, though publicly available exploit code exists and the vendor acknowledges the issue remains unfixed pending real-world incident reports.

Command Injection Desktopcommandermcp
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-11488 MEDIUM This Month

A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection D-Link
NVD VulDB
CVSS 4.0
5.5
EPSS
0.3%
CVE-2025-11407 LOW POC Monitor

OS command injection in D-Link DI-7001 MINI firmware 24.04.18B1 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the path argument in /upgrade_filter.asp. Public exploit code is available, though the CVSS 2.1 score and 0.07% EPSS percentile indicate limited real-world exploitation likelihood despite the vulnerability's remote network accessibility.

Command Injection D-Link Di 7001Mini 8G Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-60965 CRITICAL Act Now

Authenticated OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets a privileged remote user inject arbitrary operating-system commands that run outside the vulnerable component, yielding full device takeover, denial of service, privilege escalation, and disclosure of sensitive timing/configuration data. Because Network Time Servers act as an authoritative time source for entire environments, compromise can cascade into time-manipulation attacks against downstream systems (logging, certificates, Kerberos). This is no public exploit identified at time of analysis, though a third-party advisory (xdiv-sec) documents the flaw; EPSS is modest at 1.63% (73rd percentile).

Command Injection Denial Of Service RCE Sonoma D12 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.6%
CVE-2025-60964 CRITICAL Act Now

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets an authenticated high-privileged operator inject shell commands into the appliance's underlying OS, escaping the management application to run arbitrary code as the device. Because the appliance is a hardened timing source, successful exploitation yields full compromise: code execution, denial of service, privilege escalation, and disclosure of sensitive data. No public exploit is identified at time of analysis, though a third-party research advisory (xdiv-sec) documents the finding; the EPSS score is moderate at 1.63% (73rd percentile) and the CVE is not on CISA KEV.

Command Injection Denial Of Service RCE Sonoma D12 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.6%
CVE-2025-60963 HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000 Ver 4.00) lets remote attackers inject shell commands that the appliance executes, enabling arbitrary code execution, denial of service, privilege escalation, and disclosure of sensitive data. The NVD CVSS 3.1 base score is 8.2 (AV:N/AC:L/PR:N/UI:N) and a third-party technical advisory (xdiv-sec) has been published, but there is no public exploit identified at time of analysis and the flaw is not on CISA KEV. EPSS is modest at 1.20% (64th percentile), indicating no observed mass exploitation to date.

Command Injection Denial Of Service RCE Sonoma D12 Firmware
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2025-60962 HIGH This Week

OS command injection in EndRun Technologies' Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, version 4.00) lets remote attackers inject operating-system commands through the appliance's management interface, exposing sensitive information and, per the CVSS integrity rating, allowing manipulation of the device. The vendor-supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, score 8.2) indicates network-reachable, low-complexity exploitation, and an independent security-research advisory (xdiv-sec) documents the flaw. No public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS is 1.00% (59th percentile), signaling low measured exploitation activity so far.

Command Injection Sonoma D12 Firmware
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2025-60960 HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets remote attackers inject operating-system commands into the appliance, enabling arbitrary code execution, privilege escalation, disclosure of sensitive data, and disruption of the device's timing service. A third-party advisory (xdiv-sec) documents the issue, but no public exploit was identified at time of analysis and it is not listed in CISA KEV; EPSS is modest at 1.20% (64th percentile). Because this device supplies authoritative time to dependent infrastructure, compromise can cascade beyond the appliance itself.

Command Injection Denial Of Service RCE Sonoma D12 Firmware
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2025-60959 HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000 Ver 4.00) lets remote attackers inject operating-system commands and extract sensitive information from the appliance. The flaw is reachable over the network without authentication per the published CVSS vector, and a third-party security advisory (xdiv-sec) documents the issue. No public exploit identified at time of analysis, and EPSS probability is low (1.00%, 59th percentile).

Command Injection Sonoma D12 Firmware
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2025-60957 CRITICAL Act Now

Authenticated command injection in EndRun Technologies Sonoma D12 GPS Network Time Server firmware (build 6010-0071-000, Ver 4.00) lets a low-privileged user inject OS commands that run on the underlying appliance, yielding arbitrary code execution, privilege escalation, information disclosure, and denial of service. The CVSS 3.1 vector (AV:N/AC:L/PR:L/S:C) shows a network-reachable, low-complexity flaw whose scope change lets a foothold on the management interface compromise the whole device. A third-party advisory (xdiv-sec) documents the issue; there is no public exploit identified and no CISA KEV listing at time of analysis, and EPSS is a modest 1.58% (73rd percentile).

Command Injection Denial Of Service RCE Sonoma D12 Firmware
NVD
CVSS 3.1
9.9
EPSS
1.6%
CVE-2025-11335 LOW Monitor

Command injection in D-Link DI-7100G C1 firmware up to version 20250928 allows remote authenticated attackers to execute arbitrary commands via the iface parameter in the /msp_info.htm?flag=qos endpoint of the jhttpd component. The vulnerability requires high-level administrative privileges and publicly available exploit code exists, but EPSS score of 0.06% indicates exploitation is unlikely in real-world scenarios due to the privilege requirement.

Command Injection D-Link Di 7100g C1 Firmware
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-11331 LOW POC Monitor

Command injection in IdeaCMS up to version 1.8 allows high-privileged remote attackers to execute arbitrary system commands via manipulation of the 网站名称 (website name) parameter in the Website Name Handler component. The vulnerability exists in app/common/logic/admin/Config.php and requires high-privilege credentials but has publicly available exploit code and carries notable risk given the vendor's non-responsiveness to early disclosure.

PHP Command Injection Ideacms
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.2%
CVE-2025-11303 LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the command argument in the /goform/mp endpoint. The vulnerability requires valid user credentials but offers minimal impact due to restricted capabilities (low confidentiality, integrity, and availability effects). Publicly available exploit code exists, though EPSS scoring (0.20%) indicates limited real-world exploitation probability despite public availability.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-11298 LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the m_wan_ipaddr parameter in the /goform/formSetWanStatic endpoint. The vulnerability has publicly available exploit code and has been disclosed despite vendor non-responsiveness. With a CVSS score of 2.1 and EPSS percentile of 42%, real-world risk is low due to authentication requirement and limited impact scope, though the public POC and command injection nature warrant monitoring.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-11292 LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the wan_ipaddr parameter in the /goform/formBSSetSitesurvey endpoint. The vulnerability requires valid credentials and has limited scope (low confidentiality, integrity, and availability impact on the vulnerable component), but publicly available exploit code exists and the vendor has not responded to disclosure efforts.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-11285 npm LOW POC Monitor

OS command injection in MCPHub up to version 0.9.10 allows authenticated remote attackers to execute arbitrary system commands via manipulation of command/args parameters in serverController.ts. The vulnerability has a low CVSS score (2.1) due to requirement for authenticated access and limited scope impact, but carries elevated real-world risk given publicly available exploit code and vendor non-responsiveness. EPSS score of 0.25% suggests limited current exploitation activity despite POC availability.

Command Injection Mcphub
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.3%
CVE-2025-47212 HIGH PATCH This Week

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

Qnap Command Injection Qts Quts Hero
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-61591 HIGH This Week

Cursor is a code editor built for programming with AI. In versions 1.7 and below, when MCP uses OAuth authentication with an untrusted MCP server, an attacker can impersonate a malicious MCP server and return crafted, maliciously injected commands during the interaction process, leading to command injection and potential remote code execution. If chained with an untrusted MCP service via OAuth, this command injection vulnerability could allow arbitrary code execution on the host by the agent. This can then be used to directly compromise the system by executing malicious commands with full user privileges. This issue does not currently have a fixed release version, but there is a patch, 2025.09.17-25b418f.

Command Injection RCE Cursor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-60787 PyPI HIGH POC PATCH THREAT Act Now

MotionEye video surveillance software version 0.43.1b4 and earlier contains an authenticated OS command injection via configuration parameters such as image_file_name. Admin users can inject commands that execute when the Motion daemon restarts, achieving code execution on the surveillance server.

RCE Command Injection Motioneye
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
66.0%
Threat
4.9
CVE-2025-59741 CRITICAL Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59740 CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59739 CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59738 CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59737 CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59736 CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59735 CRITICAL Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-59337 MEDIUM PATCH This Month

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixed in version 3.5.1.

Command Injection Discourse
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-61045 CRITICAL POC Act Now

Command injection in TOTOLINK X18 via mac parameter. EPSS 3.4%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
3.4%
CVE-2025-61044 CRITICAL POC Act Now

Command injection in TOTOLINK X18 via agentName in setEasyMeshAgentCfg. EPSS 2.7%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2025-10659 CRITICAL This Week

The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to unauthenticated network users that improperly handles user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP RCE
NVD
CVSS 4.0
9.3
EPSS
1.3%
CVE-2025-9762 CRITICAL This Week

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the save_attachments function in all versions up to, and including, 1.0.4b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Command Injection RCE PHP
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-61584 CRITICAL This Week

serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-11148 npm CRITICAL This Week

All versions of the package check-branches are vulnerable to Command Injection check-branches is a command-line tool that is interacted with locally, or via CI, to confirm no conflicts exist in git. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-36245 HIGH This Month

IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection IBM Infosphere Information Server
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-30247 CRITICAL This Week

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 4.0
9.3
EPSS
1.7%
CVE-2025-41250 HIGH This Month

VMware vCenter contains an SMTP header injection vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection VMware
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-57516 HIGH POC This Week

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Publiccms
NVD GitHub
CVSS 3.1
8.2
EPSS
2.7%
CVE-2025-11141 LOW Monitor

A security flaw has been discovered in Ruijie NBR2100G-E up to 20250919. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 878 Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 878 Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Week

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Week

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `librcm.so` binaries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
EPSS 1% CVSS 7.3
HIGH POC This Month

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
EPSS 1% CVSS 7.3
HIGH POC This Month

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 882 Firmware
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM This Month

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Catalyst Center
NVD
EPSS 0% CVSS 5.4
MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linksys Command Injection E1200 Firmware
NVD GitHub
EPSS 7% CVSS 6.5
MEDIUM POC This Month

An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binary (sub_41EC68 function). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lr1200Gb Firmware
NVD GitHub
EPSS 10% CVSS 6.5
MEDIUM POC THREAT This Month

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4 function that handles network interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

Command Injection A720R Firmware
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specifically in the sub_402414 function that handles cloud. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A720R Firmware
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Microsoft Pgadmin 4 +2
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection RCE +1
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Smartfabric Os10
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Github Copilot Chat
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Command Injection Visual Studio 2022
NVD
EPSS 0% CVSS 7.7
HIGH POC This Month

An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Outpost Security Suite
NVD
EPSS 1% CVSS 8.8
HIGH This Month

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Privilege Escalation Axis Os
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Command Injection Business Connector
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Week

KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup /usr/sbin/anyka_service.sh scans mounted TF/SD. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Kerui K259 Firmware
NVD GitHub
EPSS 1% CVSS 7.1
HIGH This Month

A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Command Injection
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL POC PATCH Act Now

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 82% 7.2 CVSS 8.6
HIGH POC KEV THREAT Act Now

FreePBX Endpoint Manager contains a post-authentication command injection via the testconnection/check_ssh_connect function, allowing authenticated users to execute OS commands.

Command Injection Firestore
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL This Week

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 7.8
HIGH This Month

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE Privilege Escalation
NVD GitHub
EPSS 0% CVSS 8.6
HIGH This Month

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction() that allows an authenticated system administrator to execute. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Webaccess Vpn
NVD
EPSS 13% CVSS 9.3
CRITICAL Act Now

D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.2% and no vendor patch available.

D-Link Command Injection Dir 1260 Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection RCE +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink. Rated medium severity (CVSS 5.3). No vendor patch available.

Dell Command Injection Cloudlink +1
NVD
EPSS 0% CVSS 8.4
HIGH This Month

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink +1
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Authentication Bypass +2
NVD
EPSS 1% CVSS 8.4
HIGH This Month

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Activegate Ping Extension
NVD GitHub
EPSS 0% CVSS 8.0
HIGH PATCH This Month

A flaw was found in Red Hat Satellite (Foreman component). Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Red Hat
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Cursor
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

React Native Metro Development Server binds to external interfaces by default and contains an OS command injection endpoint, allowing unauthenticated network attackers to execute arbitrary code.

Command Injection Microsoft React Native Community Cli +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Week

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Netsurf
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in D-Link DI-7001 MINI firmware versions 19.09.19A1 and 24.04.18B1 allows authenticated remote attackers to execute arbitrary commands via the cmd parameter in /msp_info.htm. The vulnerability has a public exploit available, though the extremely low CVSS score (2.1) and EPSS percentile (24th) indicate limited real-world exploitability despite network accessibility, as exploitation requires valid login credentials and results in low-impact information disclosure rather than system compromise.

Command Injection D-Link Di 7001Mini 8G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.

Command Injection D-Link Dap 2695 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.9
HIGH This Week

OS command injection in Microchip TimeProvider 4100 Grandmaster (firmware versions before 2.5) allows authenticated attackers on adjacent networks to execute arbitrary system commands with high privileges, leading to complete device compromise. The vulnerability requires low attack complexity and low privileges, with exploitation probability at 0.28% (EPSS), indicating moderate real-world risk. No public exploit identified at time of analysis, but the adjacent network requirement and low complexity make this readily exploitable in targeted attacks against time synchronization infrastructure.

Command Injection Timeprovider 4100 Firmware
NVD
EPSS 0% CVSS 8.9
HIGH This Week

OS command injection in Microchip TimeProvider 4100 Grandmaster allows authenticated adjacent network attackers to execute arbitrary system commands with elevated privileges on firmware versions prior to 2.5. The vulnerability requires low attack complexity and low privileges, enabling complete compromise of device confidentiality, integrity, and availability. EPSS exploitation probability is low (0.28%, 51st percentile) with no public exploit identified at time of analysis, though the straightforward attack vector presents significant risk to network time infrastructure in enterprise environments.

Command Injection Timeprovider 4100 Firmware
NVD
EPSS 6% CVSS 8.4
HIGH POC PATCH This Week

Authenticated remote code execution in FlowiseAI Flowise (v3.0.1 up to but not including 3.0.8, and later versions when 'ALLOW_BUILTIN_DEP' is enabled) lets a logged-in user break out of the nodevm sandbox by abusing the bundled Puppeteer and Playwright modules. Because a custom tool can specify an attacker-controlled browser binary path and launch parameters, executing that tool runs an arbitrary executable on the host outside the intended sandbox, yielding code execution in the host context. Publicly available exploit code exists; the flaw is not listed in CISA KEV, and it was mis-filed by the vendor as a duplicate of CVE-2025-26319 but is distinct.

RCE Command Injection Flowise
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Arbitrary file upload in Mingsoft MCMS v6.0.1 enables remote code execution on the underlying server by uploading a crafted file - likely a JSP web shell - to a reachable endpoint. The NVD-assigned CVSS score of 6.5 with C:L/I:L impact subscores is materially inconsistent with the stated code execution impact, and this discrepancy should be independently verified. No public exploit has been confirmed as actively exploited per CISA KEV, though a Gist-based reference in NVD data may represent a proof-of-concept; EPSS is low at 0.28% (20th percentile), suggesting no widespread scanning or exploitation observed at time of analysis.

Command Injection File Upload RCE +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper input neutralization in Palo Alto Networks PAN-OS management web interface allows authenticated high-privilege administrators to bypass system restrictions and execute arbitrary commands through command injection. The vulnerability affects PAN-OS across multiple versions (specific version ranges not independently confirmed from provided data), with a low EPSS exploitation probability (0.06%, 17th percentile) and no confirmed active exploitation or public proof-of-concept. Risk is significantly reduced when CLI access is restricted to a limited administrator group; Cloud NGFW and Prisma Access are unaffected.

Paloalto RCE Authentication Bypass +2
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in Tenda AC7 firmware 15.03.06.44 via the /goform/AdvSetLanip endpoint allows authenticated remote attackers to execute arbitrary commands with low impact on confidentiality, integrity, and availability. The vulnerability requires valid login credentials (PR:L) and affects the lanIp parameter. Publicly available exploit code exists, and EPSS scoring of 0.39% indicates low real-world exploitation probability despite public POC availability.

Tenda Command Injection Ac7 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH This Week

OS command injection in the Curo UC300 (firmware 5.42.1.7.1.63R1) unified communications device lets an authenticated attacker with admin-panel access run arbitrary operating-system commands by injecting shell metacharacters into the "IP Addr" parameter. Successful exploitation yields full command execution on the underlying device (high confidentiality, integrity, and availability impact). A public GitHub repository referenced by NVD indicates publicly available exploit code exists, though the flaw is not listed in CISA KEV and its EPSS probability is modest (1.15%, 63rd percentile).

Command Injection
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

OS command injection in DesktopCommanderMCP up to version 0.2.13 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the CommandManager function in src/command-manager.ts. The vulnerability has a low CVSS score (2.1) due to authentication requirement and limited scope, but publicly available exploit code exists and the low EPSS score (0.14th percentile) suggests real-world exploitation risk is minimal despite public POC availability.

Command Injection Desktopcommandermcp
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

OS command injection in DesktopCommanderMCP up to version 0.2.13 allows authenticated remote attackers to execute arbitrary operating system commands via the extractBaseCommand function in src/command-manager.ts when processing absolute file paths. The vulnerability requires authentication and has limited real-world impact scope, reflected in a low CVSS score of 2.1 and EPSS of 0.15%, though publicly available exploit code exists and the vendor acknowledges the issue remains unfixed pending real-world incident reports.

Command Injection Desktopcommandermcp
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection D-Link
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

OS command injection in D-Link DI-7001 MINI firmware 24.04.18B1 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the path argument in /upgrade_filter.asp. Public exploit code is available, though the CVSS 2.1 score and 0.07% EPSS percentile indicate limited real-world exploitation likelihood despite the vulnerability's remote network accessibility.

Command Injection D-Link Di 7001Mini 8G Firmware
NVD GitHub VulDB
EPSS 2% CVSS 9.1
CRITICAL Act Now

Authenticated OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets a privileged remote user inject arbitrary operating-system commands that run outside the vulnerable component, yielding full device takeover, denial of service, privilege escalation, and disclosure of sensitive timing/configuration data. Because Network Time Servers act as an authoritative time source for entire environments, compromise can cascade into time-manipulation attacks against downstream systems (logging, certificates, Kerberos). This is no public exploit identified at time of analysis, though a third-party advisory (xdiv-sec) documents the flaw; EPSS is modest at 1.63% (73rd percentile).

Command Injection Denial Of Service RCE +1
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets an authenticated high-privileged operator inject shell commands into the appliance's underlying OS, escaping the management application to run arbitrary code as the device. Because the appliance is a hardened timing source, successful exploitation yields full compromise: code execution, denial of service, privilege escalation, and disclosure of sensitive data. No public exploit is identified at time of analysis, though a third-party research advisory (xdiv-sec) documents the finding; the EPSS score is moderate at 1.63% (73rd percentile) and the CVE is not on CISA KEV.

Command Injection Denial Of Service RCE +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000 Ver 4.00) lets remote attackers inject shell commands that the appliance executes, enabling arbitrary code execution, denial of service, privilege escalation, and disclosure of sensitive data. The NVD CVSS 3.1 base score is 8.2 (AV:N/AC:L/PR:N/UI:N) and a third-party technical advisory (xdiv-sec) has been published, but there is no public exploit identified at time of analysis and the flaw is not on CISA KEV. EPSS is modest at 1.20% (64th percentile), indicating no observed mass exploitation to date.

Command Injection Denial Of Service RCE +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

OS command injection in EndRun Technologies' Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, version 4.00) lets remote attackers inject operating-system commands through the appliance's management interface, exposing sensitive information and, per the CVSS integrity rating, allowing manipulation of the device. The vendor-supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, score 8.2) indicates network-reachable, low-complexity exploitation, and an independent security-research advisory (xdiv-sec) documents the flaw. No public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS is 1.00% (59th percentile), signaling low measured exploitation activity so far.

Command Injection Sonoma D12 Firmware
NVD
EPSS 1% CVSS 8.2
HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000, Ver 4.00) lets remote attackers inject operating-system commands into the appliance, enabling arbitrary code execution, privilege escalation, disclosure of sensitive data, and disruption of the device's timing service. A third-party advisory (xdiv-sec) documents the issue, but no public exploit was identified at time of analysis and it is not listed in CISA KEV; EPSS is modest at 1.20% (64th percentile). Because this device supplies authoritative time to dependent infrastructure, compromise can cascade beyond the appliance itself.

Command Injection Denial Of Service RCE +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

OS command injection in the EndRun Technologies Sonoma D12 GPS Network Time Server (firmware 6010-0071-000 Ver 4.00) lets remote attackers inject operating-system commands and extract sensitive information from the appliance. The flaw is reachable over the network without authentication per the published CVSS vector, and a third-party security advisory (xdiv-sec) documents the issue. No public exploit identified at time of analysis, and EPSS probability is low (1.00%, 59th percentile).

Command Injection Sonoma D12 Firmware
NVD
EPSS 2% CVSS 9.9
CRITICAL Act Now

Authenticated command injection in EndRun Technologies Sonoma D12 GPS Network Time Server firmware (build 6010-0071-000, Ver 4.00) lets a low-privileged user inject OS commands that run on the underlying appliance, yielding arbitrary code execution, privilege escalation, information disclosure, and denial of service. The CVSS 3.1 vector (AV:N/AC:L/PR:L/S:C) shows a network-reachable, low-complexity flaw whose scope change lets a foothold on the management interface compromise the whole device. A third-party advisory (xdiv-sec) documents the issue; there is no public exploit identified and no CISA KEV listing at time of analysis, and EPSS is a modest 1.58% (73rd percentile).

Command Injection Denial Of Service RCE +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Command injection in D-Link DI-7100G C1 firmware up to version 20250928 allows remote authenticated attackers to execute arbitrary commands via the iface parameter in the /msp_info.htm?flag=qos endpoint of the jhttpd component. The vulnerability requires high-level administrative privileges and publicly available exploit code exists, but EPSS score of 0.06% indicates exploitation is unlikely in real-world scenarios due to the privilege requirement.

Command Injection D-Link Di 7100g C1 Firmware
NVD VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

Command injection in IdeaCMS up to version 1.8 allows high-privileged remote attackers to execute arbitrary system commands via manipulation of the 网站名称 (website name) parameter in the Website Name Handler component. The vulnerability exists in app/common/logic/admin/Config.php and requires high-privilege credentials but has publicly available exploit code and carries notable risk given the vendor's non-responsiveness to early disclosure.

PHP Command Injection Ideacms
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the command argument in the /goform/mp endpoint. The vulnerability requires valid user credentials but offers minimal impact due to restricted capabilities (low confidentiality, integrity, and availability effects). Publicly available exploit code exists, though EPSS scoring (0.20%) indicates limited real-world exploitation probability despite public availability.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the m_wan_ipaddr parameter in the /goform/formSetWanStatic endpoint. The vulnerability has publicly available exploit code and has been disclosed despite vendor non-responsiveness. With a CVSS score of 2.1 and EPSS percentile of 42%, real-world risk is low due to authentication requirement and limited impact scope, though the public POC and command injection nature warrant monitoring.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the wan_ipaddr parameter in the /goform/formBSSetSitesurvey endpoint. The vulnerability requires valid credentials and has limited scope (low confidentiality, integrity, and availability impact on the vulnerable component), but publicly available exploit code exists and the vendor has not responded to disclosure efforts.

Command Injection F9K1015 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

OS command injection in MCPHub up to version 0.9.10 allows authenticated remote attackers to execute arbitrary system commands via manipulation of command/args parameters in serverController.ts. The vulnerability has a low CVSS score (2.1) due to requirement for authenticated access and limited scope impact, but carries elevated real-world risk given publicly available exploit code and vendor non-responsiveness. EPSS score of 0.25% suggests limited current exploitation activity despite POC availability.

Command Injection Mcphub
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

Qnap Command Injection Qts +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cursor is a code editor built for programming with AI. In versions 1.7 and below, when MCP uses OAuth authentication with an untrusted MCP server, an attacker can impersonate a malicious MCP server and return crafted, maliciously injected commands during the interaction process, leading to command injection and potential remote code execution. If chained with an untrusted MCP service via OAuth, this command injection vulnerability could allow arbitrary code execution on the host by the agent. This can then be used to directly compromise the system by executing malicious commands with full user privileges. This issue does not currently have a fixed release version, but there is a patch, 2025.09.17-25b418f.

Command Injection RCE Cursor
NVD GitHub
EPSS 66% 4.9 CVSS 7.2
HIGH POC PATCH THREAT Act Now

MotionEye video surveillance software version 0.43.1b4 and earlier contains an authenticated OS command injection via configuration parameters such as image_file_name. Admin users can inject commands that execute when the Motion daemon restarts, achieving code execution on the surveillance server.

RCE Command Injection Motioneye
NVD GitHub Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

OS command injection in AndSoft e-TMS v25.03 transportation management system. One of 8+ critical command injection CVEs in the same product.

Command Injection E Tms
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixed in version 3.5.1.

Command Injection Discourse
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Command injection in TOTOLINK X18 via mac parameter. EPSS 3.4%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Command injection in TOTOLINK X18 via agentName in setEasyMeshAgentCfg. EPSS 2.7%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
EPSS 1% CVSS 9.3
CRITICAL This Week

The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to unauthenticated network users that improperly handles user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP RCE
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the save_attachments function in all versions up to, and including, 1.0.4b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Command Injection RCE +1
NVD
EPSS 0% CVSS 9.3
CRITICAL This Week

serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL This Week

All versions of the package check-branches are vulnerable to Command Injection check-branches is a command-line tool that is interacted with locally, or via CI, to confirm no conflicts exist in git. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection IBM Infosphere Information Server
NVD
EPSS 2% CVSS 9.3
CRITICAL This Week

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 8.5
HIGH This Month

VMware vCenter contains an SMTP header injection vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection VMware
NVD
EPSS 3% CVSS 8.2
HIGH POC This Week

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary commands via crafted DATABASE, USERNAME, or PASSWORD variables. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Publiccms
NVD GitHub
EPSS 0% CVSS 2.0
LOW Monitor

A security flaw has been discovered in Ruijie NBR2100G-E up to 20250919. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD GitHub VulDB
Prev Page 20 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy