Skip to main content

Command Injection

7746 CVEs technique

Monthly

CVE-2025-23049 HIGH This Week

CVE-2025-23049 is an OS Command Injection vulnerability in Meridian Technique Materialise OrthoView through version 7.5.1 that allows unauthenticated remote attackers to execute arbitrary operating system commands when servlet sharing is enabled. The vulnerability has a CVSS score of 8.4 (High) and affects healthcare/dental imaging software used by medical professionals. Attackers can achieve high confidentiality impact and high availability impact, making this a significant threat to healthcare organizations relying on OrthoView for patient imaging workflows.

Command Injection
NVD
CVSS 4.0
8.4
EPSS
0.6%
CVE-2025-6485 LOW POC Monitor

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
3.7%
CVE-2025-34030 CRITICAL POC Act Now

CVE-2025-34030 is a critical OS command injection vulnerability in sar2html versions 3.2.2 and earlier that allows unauthenticated remote attackers to execute arbitrary shell commands through unsanitized input in the 'plot' parameter of index.php. The vulnerability has a perfect CVSS score of 10.0 and requires no authentication, user interaction, or special privileges to exploit. Active exploitation was observed by the Shadowserver Foundation as of February 4, 2025, indicating this is not a theoretical threat.

PHP Command Injection
NVD GitHub Exploit-DB
CVSS 4.0
10.0
EPSS
2.0%
CVE-2025-34029 HIGH POC This Week

CVE-2025-34029 is an OS command injection vulnerability in Edimax EW-7438RPn Mini wireless router firmware version 1.13 and prior that allows authenticated remote attackers to execute arbitrary shell commands as root through the /goform/formSysCmd endpoint. The vulnerability has a CVSS score of 8.8 (High) and was observed being exploited in the wild by the Shadowserver Foundation on 2024-09-14 UTC, indicating active real-world attack activity against this widely-deployed consumer networking device.

Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
2.1%
CVE-2025-34024 HIGH POC This Week

CVE-2025-34024 is an OS command injection vulnerability in Edimax EW-7438RPn wireless range extender firmware versions 1.13 and prior, allowing authenticated attackers to execute arbitrary commands as root via the /goform/mp endpoint. The vulnerability results from improper input validation on the 'command' parameter in the mp.asp form handler, enabling shell metacharacter injection. Active exploitation was observed by the Shadowserver Foundation on 2024-09-14 UTC, indicating real-world threat activity against this device.

Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2025-25038 CRITICAL POC THREAT Emergency

MiniDVBLinux version 5.4 and earlier contains an unauthenticated OS command injection in the web-based management interface. The DVB streaming platform fails to sanitize user input before passing it to operating system commands, enabling remote attackers to execute arbitrary commands on the media server.

Command Injection Minidvblinux
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
17.7%
Threat
4.0
CVE-2025-6193 MEDIUM PATCH This Month

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit.

Command Injection Red Hat
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-6335 LOW POC Monitor

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

PHP Command Injection
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.2%
CVE-2025-6299 LOW POC Monitor

A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Command Injection
NVD VulDB
CVSS 4.0
2.0
EPSS
1.7%
CVE-2025-50201 CRITICAL POC PATCH THREAT Act Now

Critical OS Command Injection vulnerability in WeGIA (a web management system for charitable institutions) versions prior to 3.4.2, affecting the /html/configuracao/debug_info.php endpoint. An unauthenticated attacker can inject arbitrary operating system commands via the unsanitized 'branch' parameter, achieving remote code execution (RCE) with www-data user privileges. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this represents an immediate and severe threat to all unpatched WeGIA deployments.

PHP Command Injection Wegia
NVD GitHub
CVSS 3.1
9.8
EPSS
30.1%
Threat
4.4
CVE-2025-23170 MEDIUM This Month

The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execute arbitrary commands on the system. Exploitation Status: Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. Workarounds or Mitigation: There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.

Python Command Injection
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-49823 NONE PATCH Awaiting Data

(conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.

Command Injection
NVD GitHub
EPSS
0.0%
CVE-2025-6104 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506. An authenticated attacker can remotely execute arbitrary operating system commands via the 'ipaddress' parameter in /billing/pms_check.php, achieving complete system compromise. Public exploit code exists, the vendor has not responded to early disclosure, and this vulnerability meets criteria for immediate exploitation in real-world environments.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6103 HIGH This Week

A critical OS command injection vulnerability exists in Wifi-soft UniBox Controller versions up to 20250506 within the /billing/test_accesscodelogin.php file's Password parameter, allowing authenticated remote attackers to execute arbitrary system commands with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the vendor has not responded to early disclosure notifications, indicating active exploitation risk and lack of official patches.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6102 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506, exploitable through the mac_address parameter in /authentication/logout.php. An authenticated attacker can remotely execute arbitrary OS commands with high impact on confidentiality, integrity, and availability. The vulnerability has been publicly disclosed with exploit code available, and the vendor has not responded to early disclosure attempts, significantly elevating real-world risk.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-45988 CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE IoT Bl Lte300 Firmware Bl X26 Ac8 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45987 CRITICAL POC Act Now

Multiple Blink router models (8 distinct firmware versions across product lines) contain unauthenticated command injection vulnerabilities in the DNS configuration function (bs_SetDNSInfo), allowing remote attackers to execute arbitrary system commands with no authentication required. The CVSS 9.8 rating reflects the critical nature: network-exploitable, no privilege escalation needed, and complete compromise of confidentiality, integrity, and availability. While no KEV or public POC is documented in standard vulnerability databases as of this analysis, the combination of network accessibility and lack of authentication requirements makes this a high-priority threat for all affected Blink router owners.

Command Injection Bl Ac2100 Az3 Firmware Bl Lte300 Firmware Blac450m Ae4 Firmware Bl Wr9000 Firmware +3
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45986 CRITICAL POC Act Now

A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.

Command Injection Netgear RCE Bl Wr9000 Firmware Bl F1200 At1 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45985 CRITICAL POC THREAT Emergency

Critical remote command injection vulnerability affecting multiple Blink router models through the bs_SetSSIDHide function, allowing unauthenticated attackers to execute arbitrary commands with full system compromise. The vulnerability impacts 8 distinct product lines across versions ranging from v1.0.0 to v4.0.0, with a CVSS score of 9.8 indicating severe severity due to network accessibility, low attack complexity, and no privilege requirements. This represents an actively exploitable flaw affecting home and small business network infrastructure with potential for widespread compromise.

Command Injection RCE Blac450m Ae4 Firmware Bl Lte300 Firmware Bl X26 Ac8 Firmware +5
NVD GitHub
CVSS 3.1
9.8
EPSS
27.7%
Threat
4.3
CVE-2025-45984 CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE Netgear Bl F1200 At1 Firmware Bl Ac1900 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-39240 HIGH This Week

CVE-2025-39240 is an authenticated remote command execution vulnerability in Hikvision Wireless Access Points caused by insufficient input validation in packet handling. Attackers with valid credentials can send crafted packets to execute arbitrary commands on affected devices, potentially achieving full system compromise. The vulnerability has a CVSS 7.2 score reflecting high confidentiality, integrity, and availability impact, though it requires valid authentication credentials to exploit.

Command Injection Hikvision RCE Authentication Bypass
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2025-22237 PyPI MEDIUM PATCH This Month

An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.

Command Injection Debian Ubuntu Suse
NVD GitHub
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47959 HIGH PATCH This Week

Command injection vulnerability in Visual Studio that allows an authenticated attacker with local user interaction to execute arbitrary code over a network with high impact on confidentiality, integrity, and availability. While the vulnerability requires prior authorization and user interaction, successful exploitation could lead to complete system compromise. No public indication of active exploitation or widespread POC availability is currently documented, but the CVSS 7.1 score reflects significant risk in collaborative development environments where multiple authorized users access shared Visual Studio instances.

Command Injection Microsoft Windows RCE Visual Studio 2022
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-4231 HIGH PATCH This Week

Command injection vulnerability in Palo Alto Networks PAN-OS that allows an authenticated administrative user to execute arbitrary commands with root privileges. The vulnerability requires network access to the management web interface and successful authentication, making it a post-authentication remote code execution flaw. While the CVSS score of 7.2 is moderately high, the requirement for administrative credentials significantly limits its practical exploitability in most environments.

Paloalto Command Injection Privilege Escalation Pan Os
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-4230 HIGH PATCH This Week

Command injection vulnerability in Palo Alto Networks PAN-OS that allows authenticated administrators with CLI access to bypass system restrictions and execute arbitrary commands with root privileges. The vulnerability affects on-premises PAN-OS deployments with CVSS 8.4, but risk is significantly reduced in environments where CLI access is restricted to a limited administrative group. Cloud NGFW and Prisma Access are not affected.

Paloalto Command Injection RCE Privilege Escalation
NVD
CVSS 4.0
8.4
EPSS
0.1%
CVE-2025-32711 CRITICAL POC Act Now

CVE-2025-32711 is an AI command injection vulnerability in Microsoft 365 Copilot that enables unauthenticated network-based attacks to disclose sensitive information without user interaction. The vulnerability affects M365 Copilot deployments and allows attackers to inject malicious commands that bypass normal authorization controls. With a critical CVSS score of 9.3 and no authentication requirement, this poses an immediate risk to organizations using Copilot features; exploitation status and POC availability require confirmation through Microsoft security advisories.

Command Injection Microsoft Information Disclosure 365 Copilot
NVD GitHub
CVSS 3.1
9.3
EPSS
3.4%
CVE-2025-41663 CRITICAL Act Now

Critical command injection vulnerability in u-link Management API that allows unauthenticated remote attackers positioned as man-in-the-middle (MITM) to inject arbitrary commands into WWH server responses, which are then executed with elevated privileges. The vulnerability requires clients to use insecure proxy configurations to exploit, resulting in complete system compromise (CVSS 9.8). While no public POC or KEV listing is available at publication, the attack vector is network-based with low complexity, making this a significant priority for organizations using u-link with proxy infrastructure.

Command Injection RCE Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-31104 HIGH This Week

FortiADC versions 6.1 through 7.6.1 contain an OS command injection vulnerability (CWE-78) that allows authenticated attackers with high privileges to execute arbitrary code through crafted HTTP requests. The vulnerability affects multiple product versions across several release branches, with a CVSS score of 7.2 indicating high severity. While the attack requires authentication and high-level privileges, successful exploitation results in complete system compromise with confidentiality, integrity, and availability impact.

Command Injection Fortinet Fortigate RCE Authentication Bypass +1
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-4678 HIGH PATCH This Week

CVE-2025-4678 is an OS command injection vulnerability in Pandora ITSM 5.0.105 where the chromium_path variable fails to properly neutralize special elements, allowing authenticated attackers with high privileges to execute arbitrary system commands. With a CVSS score of 7.0 and network-accessible attack vector, this vulnerability poses a significant risk to affected deployments, particularly if the system is exposed to untrusted administrative users or if privilege escalation chains exist.

Command Injection
NVD
CVSS 4.0
7.0
EPSS
0.3%
CVE-2025-4653 HIGH POC PATCH THREAT Act Now

OS command injection vulnerability in the backup name field of Pandora ITSM 5.0.105 that results from improper neutralization of special elements (CWE-77). An authenticated attacker with high privileges can inject arbitrary OS commands through the backup name parameter, potentially achieving code execution with high confidentiality impact. The CVSS 7.0 score reflects the requirement for privileged access (PR:H), but the network-accessible attack vector (AV:N) and low attack complexity (AC:L) indicate this is a practical threat in enterprise environments where administrative accounts may be compromised or abused.

Command Injection
NVD
CVSS 4.0
7.0
EPSS
34.7%
CVE-2025-40591 HIGH This Week

A security vulnerability in A vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection Siemens RCE Information Disclosure Privilege Escalation +1
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2024-13089 HIGH PATCH This Week

CVE-2024-13089 is an OS command injection vulnerability in the update functionality of Nozomi Networks Guardian and CMC appliances that allows authenticated administrators to bypass signature validation and execute arbitrary OS commands. While the vulnerability requires high-privilege administrative access, the improper cryptographic signature validation on update packages creates a critical integrity bypass that could lead to complete system compromise. The attack is network-accessible with no user interaction required once an administrator initiates an update.

Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2025-5743 MEDIUM This Month

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote control over the charging station when an authenticated user modifies configuration parameters on the web server.

Command Injection
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2025-5952 MEDIUM This Month

A critical OS command injection vulnerability exists in Zend.To versions up to 6.10-6 Beta, where unsanitized user input in the 'file_1' parameter of NSSDropoff.php's exec function allows remote, unauthenticated attackers to execute arbitrary system commands with application-level privileges. The vulnerability has been publicly disclosed with working exploits available, making active exploitation probable, though it affects an older software version that has been superseded by newer releases with additional security controls.

PHP Command Injection
NVD VulDB
CVSS 4.0
5.5
EPSS
0.4%
CVE-2025-49141 npm HIGH POC PATCH This Week

HAX CMS PHP versions prior to 11.0.3 contain an OS command injection vulnerability in the `gitImportSite` functionality where insufficient input validation on user-supplied URL parameters allows authenticated attackers to bypass `filter_var` and `strpos` checks and execute arbitrary OS commands via the `set_remote` function's `proc_open` call. An authenticated attacker can leverage this to execute arbitrary commands and exfiltrate output, representing a critical post-authentication code execution risk with high real-world impact due to full OS command execution capability.

PHP Command Injection Haxcms Nodejs Haxcms Php
NVD GitHub
CVSS 3.1
8.5
EPSS
0.9%
CVE-2025-3460 HIGH POC This Week

Command injection vulnerability in Quantenna Wi-Fi chipset control scripts (specifically the set_tx_pow utility) that allows local, unauthenticated attackers to execute arbitrary commands with elevated privileges. The vulnerability affects Quantenna Wi-Fi chipset SDK through version 8.0.0.28 and remains unpatched at the time of disclosure, though the vendor has issued a best practices guide. An attacker with local access can leverage CWE-88 (argument injection) to compromise system integrity and confidentiality.

Command Injection Qcs Ax3 T8 Firmware Qv942c Firmware Qsr10gu Firmware Qv840 Firmware +14
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2025-3459 HIGH This Week

A command injection vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection RCE Qsr10gu Firmware Qcs Ax2 T8 Firmware Qcs Ax3 T8 Firmware +15
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-35010 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MNPINGTM command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit this CWE-88 argument injection flaw to achieve privilege escalation, gaining high-confidentiality and high-integrity impact. The vulnerability remains generally unfixed at the time of CVE publication, indicating active exposure in deployed systems.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware Bulletlte Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35009 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MNNETSP command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local users to achieve privilege escalation through improper argument delimiter neutralization. With a CVSS 7.1 score, high confidentiality and integrity impact, and no widespread patch availability at disclosure, this vulnerability poses a moderate-to-significant risk to organizations deploying these industrial LTE modems. The post-authentication requirement limits immediate exposure but represents a critical internal threat vector for privilege escalation once system access is obtained.

Privilege Escalation Command Injection Bulletlte Na2 Firmware Ipn4gii Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35008 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MMNAME command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local attackers to escalate privileges through argument delimiter manipulation (CWE-88). With a CVSS score of 7.1 and no general fix available at publication, this vulnerability represents a moderate-to-high risk for organizations deploying these industrial/embedded LTE communication devices. The post-authentication requirement and local attack vector limit exposure, but privilege escalation impact is significant.

Privilege Escalation Command Injection Bulletlte Na2 Firmware Ipn4gii Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35007 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFRULE command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local attackers to achieve privilege escalation through improper argument delimiter neutralization (CWE-88). With a CVSS score of 7.1 and no general fix available at publication, this vulnerability presents a moderate-to-high risk for systems where local authentication access can be obtained. The vulnerability has not been reported as actively exploited in public KEV catalogs, but the lack of available patches and the privilege escalation potential warrant immediate assessment and mitigation planning.

Privilege Escalation Command Injection Bulletlte Na2 Firmware Ipn4gii Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35006 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFPORTFWD command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit improper argument delimiter neutralization (CWE-88) to achieve privilege escalation, potentially gaining unauthorized access to system resources. As of the CVE publication date, no general fix has been released, and the vulnerability carries a CVSS score of 7.1 with high confidentiality and integrity impact.

Privilege Escalation Command Injection Bulletlte Na2 Firmware Ipn4gii Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35005 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFMAC command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit improper argument delimiter neutralization (CWE-88) to achieve privilege escalation, gaining high-confidence access to sensitive system functions and data. As of the CVE publication date, no general fix has been released, and the vulnerability remains unpatched across affected product lines.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware Bulletlte Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-35004 HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFIP command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, enabling authenticated local attackers to achieve privilege escalation through improper argument delimiter neutralization (CWE-88). With a CVSS 7.1 score and no indication of general fixes at publication, this vulnerability presents a moderate-to-high risk for systems using affected modem/gateway products; exploitation requires local access and valid credentials but no user interaction.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware Bulletlte Na2 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-32459 HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh script, specifically in the sync_time argument handler, allowing unauthenticated local attackers to execute arbitrary commands with high impact on confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset SDK versions through 8.0.0.28 and remains unpatched as of the CVE publication date, though the vendor has released implementation best practices rather than a direct patch. The CVSS 7.7 score reflects the local attack vector but high-impact consequences; exploitation requires local access but no privileges or user interaction.

Command Injection Qcs Ax2 A12 Firmware Qv952c Firmware Qcs Ax3 T12 Firmware Qd840 Firmware +14
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-32458 HIGH This Week

Command injection vulnerability in Quantenna Wi-Fi chipset control scripts (router_command.sh) that allows local, unauthenticated attackers to execute arbitrary commands with high impact to confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the SDK and remains unpatched at disclosure, though the vendor has issued a best practices guide rather than a direct security patch. With a CVSS score of 7.7 and local attack vector requirements, this represents a significant risk to deployed routers and wireless access points using this chipset.

Command Injection Qhs710 Firmware Qcs Ax2 A12 Firmware Qv860 Firmware Qv952c Firmware +14
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-32457 HIGH This Week

A command injection vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection Qcs Ax3 A12 Firmware Qcs Ax2 T8 Firmware Qcs Ax3 S5 Firmware Qd840 Firmware +14
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-32456 HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh script affecting versions through 8.0.0.28 of the SDK. The flaw allows unauthenticated local attackers to inject arbitrary commands via improper argument handling in the put_file_to_qtn parameter, potentially leading to confidentiality and integrity compromise. No official patch is available as of the CVE publication date, though the vendor has released mitigation guidance; this vulnerability is not currently tracked as actively exploited in CISA's Known Exploited Vulnerabilities catalog.

Command Injection RCE Linux Qcs Ax2 A12 Firmware Qcs Ax3 T8 Firmware +16
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-32455 HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh local control script, allowing unauthenticated local attackers to execute arbitrary commands with high impact on confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset versions through 8.0.0.28 of the latest SDK and remains unpatched as of the CVE publication date, though the vendor has provided best practices guidance rather than a direct patch. With a CVSS score of 7.7 and local attack vector requirements, this poses significant risk to routers and access points using affected Quantenna chipsets, particularly in multi-user or compromised-local-network scenarios.

Command Injection RCE Qcs Ax3 A12 Firmware Qsr10ga Firmware Qd840 Firmware +15
NVD
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-5836 LOW POC Monitor

A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Command Injection Tenda
NVD VulDB
CVSS 4.0
2.1
EPSS
2.1%
CVE-2025-22481 HIGH PATCH This Week

Command injection vulnerability affecting QNAP NAS operating systems (QTS and QuTS hero) that allows authenticated remote attackers to execute arbitrary commands with high severity (CVSS 8.8). The vulnerability requires valid user credentials but no user interaction, making it exploitable by compromised accounts or insider threats. QNAP has released patches as of March 21, 2025, and exploitation details are limited in public disclosures at this time.

Qnap Command Injection RCE Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-13087 MEDIUM PATCH This Month

A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later

Command Injection Qurouter
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-5763 LOW POC Monitor

A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Command Injection Tenda
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.9%
CVE-2025-5695 LOW POC Monitor

A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."

PHP Command Injection
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.9%
CVE-2025-5621 HIGH POC This Week

A command injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.

Command Injection D-Link RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
1.0%
CVE-2025-5620 HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE Ipsec Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
1.0%
CVE-2025-5606 MEDIUM POC This Month

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argument list leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Command Injection Ac18 Firmware Tenda
NVD VulDB
CVSS 3.1
6.3
EPSS
1.5%
CVE-2025-20278 MEDIUM This Month

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.

Command Injection Cisco Socialminer Unified Communications Manager Im And Presence Service Finesse +5
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-5573 MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.7%
CVE-2025-5571 MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2025-5525 MEDIUM POC This Month

A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Command Injection Trojan
NVD GitHub VulDB
CVSS 3.1
5.6
EPSS
0.6%
CVE-2025-5515 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.7%
CVE-2025-5504 MEDIUM POC This Month

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.9%
CVE-2025-5502 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this issue is the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
4.2%
CVE-2025-5492 MEDIUM This Month

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Command Injection Di 500wf Wt Firmware D-Link
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2025-21479 HIGH KEV THREAT Act Now

A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized command execution path during specific GPU command sequences. KEV-listed alongside CVE-2025-21480, this indicates a systemic issue in Qualcomm's GPU micronode command validation that is being actively exploited in mobile attack chains.

Memory Corruption Command Injection RCE Wcn7881 Firmware Snapdragon 888 5g Mobile Platform Firmware +62
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-31710 MEDIUM This Month

In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.

Privilege Escalation Command Injection Android Google
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-21480 HIGH KEV THREAT Act Now

Qualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized command execution during specific GPU command sequences. KEV-listed, this vulnerability enables privilege escalation from the GPU context, potentially allowing app-level attackers to gain kernel access through the GPU driver on Qualcomm-based Android devices.

Memory Corruption Command Injection RCE Wsa8832 Firmware Fastconnect 6700 Firmware +63
NVD
CVSS 3.1
8.6
EPSS
1.5%
CVE-2025-27954 MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-27953 MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-37096 CRITICAL PATCH Act Now

Command Injection Rce (3Rd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-5447 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. This vulnerability affects the function ssid1MACFilter of the file /goform/ssid1MACFilter. The manipulation of the argument apselect_%d/newap_text_%d leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6250 Firmware Re6300 Firmware Re7000 Firmware Re9000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
2.0%
CVE-2025-37092 CRITICAL PATCH Act Now

Command Injection Rce (2Nd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-37091 HIGH PATCH This Week

Command injection remote code execution vulnerability in HPE StoreOnce Software that allows authenticated attackers with high privileges to execute arbitrary commands on affected systems. The vulnerability has a CVSS score of 7.2 (high severity) and requires authenticated access but no user interaction. Given the command injection nature (CWE-77) and network attack vector, this poses significant risk to organizations running vulnerable HPE StoreOnce deployments, particularly if KEV status or active exploitation is confirmed.

RCE Command Injection HP Storeonce System
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2025-37089 CRITICAL PATCH Act Now

Command Injection Rce in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-5446 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been classified as critical. This affects the function RP_checkCredentialsByBBS of the file /goform/RP_checkCredentialsByBBS. The manipulation of the argument pwd leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re6250 Firmware Re6350 Firmware Re6300 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-5445 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RP_checkFWByBBS of the file /goform/RP_checkFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re7000 Firmware Re6500 Firmware Re6350 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5444 MEDIUM POC This Month

A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this vulnerability is the function RP_UpgradeFWByBBS of the file /goform/RP_UpgradeFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware Re6300 Firmware Re6250 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5443 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the argument ExtChSelector/24GSelector/5GSelector leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware Re6350 Firmware Re7000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.6%
CVE-2025-5442 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ip/nm/gw leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re7000 Firmware Re6250 Firmware Re6500 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-5441 MEDIUM POC This Month

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware Re6300 Firmware Re7000 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2025-5440 MEDIUM POC This Month

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re9000 Firmware Re6300 Firmware Re6500 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.1%
CVE-2025-5439 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the argument uid/accessToken leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re6500 Firmware Re7000 Firmware Re6250 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.1%
CVE-2025-5438 MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware Re6300 Firmware Re6350 Firmware +2
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
1.8%
CVE-2025-5113 HIGH This Week

Critical vulnerability in Diviotec professional series devices that combines arbitrary command injection via a web interface endpoint with hardcoded credentials, allowing authenticated attackers to execute arbitrary commands with high impact on confidentiality, integrity, and availability. The CVSS 8.6 score reflects the severity of command injection paired with hardcoded passwords that eliminate authentication barriers. This vulnerability affects network-accessible professional series devices and represents an immediate risk in environments where these devices are deployed, particularly where adjacent network access is possible.

Command Injection
NVD
CVSS 4.0
8.6
EPSS
0.2%
CVE-2025-4010 HIGH PATCH This Week

Critical remote code execution vulnerability affecting Netcom NTC 6200 and NWL 222 series network devices. The vulnerability stems from multiple command injection flaws in the web interface combined with hardcoded credentials, allowing authenticated remote attackers to execute arbitrary commands with elevated privileges. With a CVSS score of 8.6 and an attack vector requiring only adjacent network access and low privileges, this vulnerability poses significant risk to organizations deploying these devices in networked environments.

RCE Command Injection
NVD
CVSS 4.0
8.6
EPSS
0.2%
CVE-2025-48492 HIGH POC This Week

GetSimple CMS is a content management system. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE Getsimple Cms
NVD GitHub
CVSS 4.0
8.6
EPSS
2.8%
CVE-2025-41385 HIGH This Week

An OS Command Injection issue exists in wivia 5 all versions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Wivia 5 Firmware
NVD
CVSS 4.0
7.1
EPSS
0.5%
CVE-2025-48047 CRITICAL This Week

An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD
CVSS 4.0
9.4
EPSS
1.6%
CVE-2024-57338 MEDIUM This Month

An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE File Upload
NVD
CVSS 3.1
6.5
EPSS
0.4%
EPSS 1% CVSS 8.4
HIGH This Week

CVE-2025-23049 is an OS Command Injection vulnerability in Meridian Technique Materialise OrthoView through version 7.5.1 that allows unauthenticated remote attackers to execute arbitrary operating system commands when servlet sharing is enabled. The vulnerability has a CVSS score of 8.4 (High) and affects healthcare/dental imaging software used by medical professionals. Attackers can achieve high confidentiality impact and high availability impact, making this a significant threat to healthcare organizations relying on OrthoView for patient imaging workflows.

Command Injection
NVD
EPSS 4% CVSS 2.1
LOW POC Monitor

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Command Injection
NVD GitHub VulDB
EPSS 2% CVSS 10.0
CRITICAL POC Act Now

CVE-2025-34030 is a critical OS command injection vulnerability in sar2html versions 3.2.2 and earlier that allows unauthenticated remote attackers to execute arbitrary shell commands through unsanitized input in the 'plot' parameter of index.php. The vulnerability has a perfect CVSS score of 10.0 and requires no authentication, user interaction, or special privileges to exploit. Active exploitation was observed by the Shadowserver Foundation as of February 4, 2025, indicating this is not a theoretical threat.

PHP Command Injection
NVD GitHub Exploit-DB
EPSS 2% CVSS 8.8
HIGH POC This Week

CVE-2025-34029 is an OS command injection vulnerability in Edimax EW-7438RPn Mini wireless router firmware version 1.13 and prior that allows authenticated remote attackers to execute arbitrary shell commands as root through the /goform/formSysCmd endpoint. The vulnerability has a CVSS score of 8.8 (High) and was observed being exploited in the wild by the Shadowserver Foundation on 2024-09-14 UTC, indicating active real-world attack activity against this widely-deployed consumer networking device.

Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH POC This Week

CVE-2025-34024 is an OS command injection vulnerability in Edimax EW-7438RPn wireless range extender firmware versions 1.13 and prior, allowing authenticated attackers to execute arbitrary commands as root via the /goform/mp endpoint. The vulnerability results from improper input validation on the 'command' parameter in the mp.asp form handler, enabling shell metacharacter injection. Active exploitation was observed by the Shadowserver Foundation on 2024-09-14 UTC, indicating real-world threat activity against this device.

Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
EPSS 18% 4.0 CVSS 9.8
CRITICAL POC THREAT Emergency

MiniDVBLinux version 5.4 and earlier contains an unauthenticated OS command injection in the web-based management interface. The DVB streaming platform fails to sanitize user input before passing it to operating system commands, enabling remote attackers to execute arbitrary commands on the media server.

Command Injection Minidvblinux
NVD Exploit-DB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit.

Command Injection Red Hat
NVD GitHub
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

PHP Command Injection
NVD GitHub VulDB
EPSS 2% CVSS 2.0
LOW POC Monitor

A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Command Injection
NVD VulDB
EPSS 30% 4.4 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Critical OS Command Injection vulnerability in WeGIA (a web management system for charitable institutions) versions prior to 3.4.2, affecting the /html/configuracao/debug_info.php endpoint. An unauthenticated attacker can inject arbitrary operating system commands via the unsanitized 'branch' parameter, achieving remote code execution (RCE) with www-data user privileges. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this represents an immediate and severe threat to all unpatched WeGIA deployments.

PHP Command Injection Wegia
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execute arbitrary commands on the system. Exploitation Status: Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. Workarounds or Mitigation: There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.

Python Command Injection
NVD
EPSS 0%
NONE PATCH Awaiting Data

(conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.

Command Injection
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506. An authenticated attacker can remotely execute arbitrary operating system commands via the 'ipaddress' parameter in /billing/pms_check.php, achieving complete system compromise. Public exploit code exists, the vendor has not responded to early disclosure, and this vulnerability meets criteria for immediate exploitation in real-world environments.

PHP Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH This Week

A critical OS command injection vulnerability exists in Wifi-soft UniBox Controller versions up to 20250506 within the /billing/test_accesscodelogin.php file's Password parameter, allowing authenticated remote attackers to execute arbitrary system commands with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the vendor has not responded to early disclosure notifications, indicating active exploitation risk and lack of official patches.

PHP Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506, exploitable through the mac_address parameter in /authentication/logout.php. An authenticated attacker can remotely execute arbitrary OS commands with high impact on confidentiality, integrity, and availability. The vulnerability has been publicly disclosed with exploit code available, and the vendor has not responded to early disclosure attempts, significantly elevating real-world risk.

PHP Command Injection
NVD GitHub VulDB
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE IoT +9
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Multiple Blink router models (8 distinct firmware versions across product lines) contain unauthenticated command injection vulnerabilities in the DNS configuration function (bs_SetDNSInfo), allowing remote attackers to execute arbitrary system commands with no authentication required. The CVSS 9.8 rating reflects the critical nature: network-exploitable, no privilege escalation needed, and complete compromise of confidentiality, integrity, and availability. While no KEV or public POC is documented in standard vulnerability databases as of this analysis, the combination of network accessibility and lack of authentication requirements makes this a high-priority threat for all affected Blink router owners.

Command Injection Bl Ac2100 Az3 Firmware Bl Lte300 Firmware +5
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.

Command Injection Netgear RCE +8
NVD GitHub
EPSS 28% 4.3 CVSS 9.8
CRITICAL POC THREAT Emergency

Critical remote command injection vulnerability affecting multiple Blink router models through the bs_SetSSIDHide function, allowing unauthenticated attackers to execute arbitrary commands with full system compromise. The vulnerability impacts 8 distinct product lines across versions ranging from v1.0.0 to v4.0.0, with a CVSS score of 9.8 indicating severe severity due to network accessibility, low attack complexity, and no privilege requirements. This represents an actively exploitable flaw affecting home and small business network infrastructure with potential for widespread compromise.

Command Injection RCE Blac450m Ae4 Firmware +7
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE Netgear +9
NVD GitHub
EPSS 0% CVSS 7.2
HIGH This Week

CVE-2025-39240 is an authenticated remote command execution vulnerability in Hikvision Wireless Access Points caused by insufficient input validation in packet handling. Attackers with valid credentials can send crafted packets to execute arbitrary commands on affected devices, potentially achieving full system compromise. The vulnerability has a CVSS 7.2 score reflecting high confidentiality, integrity, and availability impact, though it requires valid authentication credentials to exploit.

Command Injection Hikvision RCE +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.

Command Injection Debian Ubuntu +1
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Command injection vulnerability in Visual Studio that allows an authenticated attacker with local user interaction to execute arbitrary code over a network with high impact on confidentiality, integrity, and availability. While the vulnerability requires prior authorization and user interaction, successful exploitation could lead to complete system compromise. No public indication of active exploitation or widespread POC availability is currently documented, but the CVSS 7.1 score reflects significant risk in collaborative development environments where multiple authorized users access shared Visual Studio instances.

Command Injection Microsoft Windows +2
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Command injection vulnerability in Palo Alto Networks PAN-OS that allows an authenticated administrative user to execute arbitrary commands with root privileges. The vulnerability requires network access to the management web interface and successful authentication, making it a post-authentication remote code execution flaw. While the CVSS score of 7.2 is moderately high, the requirement for administrative credentials significantly limits its practical exploitability in most environments.

Paloalto Command Injection Privilege Escalation +1
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Command injection vulnerability in Palo Alto Networks PAN-OS that allows authenticated administrators with CLI access to bypass system restrictions and execute arbitrary commands with root privileges. The vulnerability affects on-premises PAN-OS deployments with CVSS 8.4, but risk is significantly reduced in environments where CLI access is restricted to a limited administrative group. Cloud NGFW and Prisma Access are not affected.

Paloalto Command Injection RCE +1
NVD
EPSS 3% CVSS 9.3
CRITICAL POC Act Now

CVE-2025-32711 is an AI command injection vulnerability in Microsoft 365 Copilot that enables unauthenticated network-based attacks to disclose sensitive information without user interaction. The vulnerability affects M365 Copilot deployments and allows attackers to inject malicious commands that bypass normal authorization controls. With a critical CVSS score of 9.3 and no authentication requirement, this poses an immediate risk to organizations using Copilot features; exploitation status and POC availability require confirmation through Microsoft security advisories.

Command Injection Microsoft Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Critical command injection vulnerability in u-link Management API that allows unauthenticated remote attackers positioned as man-in-the-middle (MITM) to inject arbitrary commands into WWH server responses, which are then executed with elevated privileges. The vulnerability requires clients to use insecure proxy configurations to exploit, resulting in complete system compromise (CVSS 9.8). While no public POC or KEV listing is available at publication, the attack vector is network-based with low complexity, making this a significant priority for organizations using u-link with proxy infrastructure.

Command Injection RCE Privilege Escalation +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

FortiADC versions 6.1 through 7.6.1 contain an OS command injection vulnerability (CWE-78) that allows authenticated attackers with high privileges to execute arbitrary code through crafted HTTP requests. The vulnerability affects multiple product versions across several release branches, with a CVSS score of 7.2 indicating high severity. While the attack requires authentication and high-level privileges, successful exploitation results in complete system compromise with confidentiality, integrity, and availability impact.

Command Injection Fortinet Fortigate +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

CVE-2025-4678 is an OS command injection vulnerability in Pandora ITSM 5.0.105 where the chromium_path variable fails to properly neutralize special elements, allowing authenticated attackers with high privileges to execute arbitrary system commands. With a CVSS score of 7.0 and network-accessible attack vector, this vulnerability poses a significant risk to affected deployments, particularly if the system is exposed to untrusted administrative users or if privilege escalation chains exist.

Command Injection
NVD
EPSS 35% CVSS 7.0
HIGH POC PATCH THREAT Act Now

OS command injection vulnerability in the backup name field of Pandora ITSM 5.0.105 that results from improper neutralization of special elements (CWE-77). An authenticated attacker with high privileges can inject arbitrary OS commands through the backup name parameter, potentially achieving code execution with high confidentiality impact. The CVSS 7.0 score reflects the requirement for privileged access (PR:H), but the network-accessible attack vector (AV:N) and low attack complexity (AC:L) indicate this is a practical threat in enterprise environments where administrative accounts may be compromised or abused.

Command Injection
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A security vulnerability in A vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection Siemens RCE +3
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

CVE-2024-13089 is an OS command injection vulnerability in the update functionality of Nozomi Networks Guardian and CMC appliances that allows authenticated administrators to bypass signature validation and execute arbitrary OS commands. While the vulnerability requires high-privilege administrative access, the improper cryptographic signature validation on update packages creates a critical integrity bypass that could lead to complete system compromise. The attack is network-accessible with no user interaction required once an administrator initiates an update.

Command Injection
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote control over the charging station when an authenticated user modifies configuration parameters on the web server.

Command Injection
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A critical OS command injection vulnerability exists in Zend.To versions up to 6.10-6 Beta, where unsanitized user input in the 'file_1' parameter of NSSDropoff.php's exec function allows remote, unauthenticated attackers to execute arbitrary system commands with application-level privileges. The vulnerability has been publicly disclosed with working exploits available, making active exploitation probable, though it affects an older software version that has been superseded by newer releases with additional security controls.

PHP Command Injection
NVD VulDB
EPSS 1% CVSS 8.5
HIGH POC PATCH This Week

HAX CMS PHP versions prior to 11.0.3 contain an OS command injection vulnerability in the `gitImportSite` functionality where insufficient input validation on user-supplied URL parameters allows authenticated attackers to bypass `filter_var` and `strpos` checks and execute arbitrary OS commands via the `set_remote` function's `proc_open` call. An authenticated attacker can leverage this to execute arbitrary commands and exfiltrate output, representing a critical post-authentication code execution risk with high real-world impact due to full OS command execution capability.

PHP Command Injection Haxcms Nodejs +1
NVD GitHub
EPSS 0% CVSS 7.7
HIGH POC This Week

Command injection vulnerability in Quantenna Wi-Fi chipset control scripts (specifically the set_tx_pow utility) that allows local, unauthenticated attackers to execute arbitrary commands with elevated privileges. The vulnerability affects Quantenna Wi-Fi chipset SDK through version 8.0.0.28 and remains unpatched at the time of disclosure, though the vendor has issued a best practices guide. An attacker with local access can leverage CWE-88 (argument injection) to compromise system integrity and confidentiality.

Command Injection Qcs Ax3 T8 Firmware Qv942c Firmware +16
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A command injection vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection RCE Qsr10gu Firmware +17
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MNPINGTM command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit this CWE-88 argument injection flaw to achieve privilege escalation, gaining high-confidentiality and high-integrity impact. The vulnerability remains generally unfixed at the time of CVE publication, indicating active exposure in deployed systems.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MNNETSP command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local users to achieve privilege escalation through improper argument delimiter neutralization. With a CVSS 7.1 score, high confidentiality and integrity impact, and no widespread patch availability at disclosure, this vulnerability poses a moderate-to-significant risk to organizations deploying these industrial LTE modems. The post-authentication requirement limits immediate exposure but represents a critical internal threat vector for privilege escalation once system access is obtained.

Privilege Escalation Command Injection Bulletlte Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MMNAME command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local attackers to escalate privileges through argument delimiter manipulation (CWE-88). With a CVSS score of 7.1 and no general fix available at publication, this vulnerability represents a moderate-to-high risk for organizations deploying these industrial/embedded LTE communication devices. The post-authentication requirement and local attack vector limit exposure, but privilege escalation impact is significant.

Privilege Escalation Command Injection Bulletlte Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFRULE command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, allowing authenticated local attackers to achieve privilege escalation through improper argument delimiter neutralization (CWE-88). With a CVSS score of 7.1 and no general fix available at publication, this vulnerability presents a moderate-to-high risk for systems where local authentication access can be obtained. The vulnerability has not been reported as actively exploited in public KEV catalogs, but the lack of available patches and the privilege escalation potential warrant immediate assessment and mitigation planning.

Privilege Escalation Command Injection Bulletlte Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFPORTFWD command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit improper argument delimiter neutralization (CWE-88) to achieve privilege escalation, potentially gaining unauthorized access to system resources. As of the CVE publication date, no general fix has been released, and the vulnerability carries a CVSS score of 7.1 with high confidentiality and integrity impact.

Privilege Escalation Command Injection Bulletlte Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFMAC command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products. An authenticated local attacker can exploit improper argument delimiter neutralization (CWE-88) to achieve privilege escalation, gaining high-confidence access to sensitive system functions and data. As of the CVE publication date, no general fix has been released, and the vulnerability remains unpatched across affected product lines.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware +1
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Post-authentication command injection vulnerability in the AT+MFIP command affecting Microhard BulletLTE-NA2 and IPn4Gii-NA2 products, enabling authenticated local attackers to achieve privilege escalation through improper argument delimiter neutralization (CWE-88). With a CVSS 7.1 score and no indication of general fixes at publication, this vulnerability presents a moderate-to-high risk for systems using affected modem/gateway products; exploitation requires local access and valid credentials but no user interaction.

Privilege Escalation Command Injection Ipn4gii Na2 Firmware +1
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh script, specifically in the sync_time argument handler, allowing unauthenticated local attackers to execute arbitrary commands with high impact on confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset SDK versions through 8.0.0.28 and remains unpatched as of the CVE publication date, though the vendor has released implementation best practices rather than a direct patch. The CVSS 7.7 score reflects the local attack vector but high-impact consequences; exploitation requires local access but no privileges or user interaction.

Command Injection Qcs Ax2 A12 Firmware Qv952c Firmware +16
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Command injection vulnerability in Quantenna Wi-Fi chipset control scripts (router_command.sh) that allows local, unauthenticated attackers to execute arbitrary commands with high impact to confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the SDK and remains unpatched at disclosure, though the vendor has issued a best practices guide rather than a direct security patch. With a CVSS score of 7.7 and local attack vector requirements, this represents a significant risk to deployed routers and wireless access points using this chipset.

Command Injection Qhs710 Firmware Qcs Ax2 A12 Firmware +16
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A command injection vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Command Injection Qcs Ax3 A12 Firmware Qcs Ax2 T8 Firmware +16
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh script affecting versions through 8.0.0.28 of the SDK. The flaw allows unauthenticated local attackers to inject arbitrary commands via improper argument handling in the put_file_to_qtn parameter, potentially leading to confidentiality and integrity compromise. No official patch is available as of the CVE publication date, though the vendor has released mitigation guidance; this vulnerability is not currently tracked as actively exploited in CISA's Known Exploited Vulnerabilities catalog.

Command Injection RCE Linux +18
NVD
EPSS 0% CVSS 7.7
HIGH This Week

A command injection vulnerability exists in the Quantenna Wi-Fi chipset's router_command.sh local control script, allowing unauthenticated local attackers to execute arbitrary commands with high impact on confidentiality and integrity. The vulnerability affects Quantenna Wi-Fi chipset versions through 8.0.0.28 of the latest SDK and remains unpatched as of the CVE publication date, though the vendor has provided best practices guidance rather than a direct patch. With a CVSS score of 7.7 and local attack vector requirements, this poses significant risk to routers and access points using affected Quantenna chipsets, particularly in multi-user or compromised-local-network scenarios.

Command Injection RCE Qcs Ax3 A12 Firmware +17
NVD
EPSS 2% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Command Injection Tenda
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Command injection vulnerability affecting QNAP NAS operating systems (QTS and QuTS hero) that allows authenticated remote attackers to execute arbitrary commands with high severity (CVSS 8.8). The vulnerability requires valid user credentials but no user interaction, making it exploitable by compromised accounts or insider threats. QNAP has released patches as of March 21, 2025, and exploitation details are limited in public disclosures at this time.

Qnap Command Injection RCE +2
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later

Command Injection Qurouter
NVD
EPSS 1% CVSS 2.0
LOW POC Monitor

A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Command Injection Tenda
NVD GitHub VulDB
EPSS 1% CVSS 2.0
LOW POC Monitor

A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."

PHP Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 7.3
HIGH POC This Week

A command injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.

Command Injection D-Link RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 7.3
HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE +2
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argument list leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Command Injection Ac18 Firmware Tenda
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.

Command Injection Cisco Socialminer +7
NVD
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
EPSS 1% CVSS 5.6
MEDIUM POC This Month

A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Command Injection Trojan
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X2000r Firmware TOTOLINK
NVD GitHub VulDB
EPSS 4% CVSS 6.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this issue is the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection X15 Firmware TOTOLINK
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM This Month

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Command Injection Di 500wf Wt Firmware D-Link
NVD VulDB
EPSS 0% CVSS 8.6
HIGH KEV THREAT Act Now

A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized command execution path during specific GPU command sequences. KEV-listed alongside CVE-2025-21480, this indicates a systemic issue in Qualcomm's GPU micronode command validation that is being actively exploited in mobile attack chains.

Memory Corruption Command Injection RCE +64
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.

Privilege Escalation Command Injection Android +1
NVD
EPSS 2% CVSS 8.6
HIGH KEV THREAT Act Now

Qualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized command execution during specific GPU command sequences. KEV-listed, this vulnerability enables privilege escalation from the GPU context, potentially allowing app-level attackers to gain kernel access through the GPU driver on Qualcomm-based Android devices.

Memory Corruption Command Injection RCE +65
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Rce (3Rd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. This vulnerability affects the function ssid1MACFilter of the file /goform/ssid1MACFilter. The manipulation of the argument apselect_%d/newap_text_%d leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6250 Firmware Re6300 Firmware +4
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Rce (2Nd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Command injection remote code execution vulnerability in HPE StoreOnce Software that allows authenticated attackers with high privileges to execute arbitrary commands on affected systems. The vulnerability has a CVSS score of 7.2 (high severity) and requires authenticated access but no user interaction. Given the command injection nature (CWE-77) and network attack vector, this poses significant risk to organizations running vulnerable HPE StoreOnce deployments, particularly if KEV status or active exploitation is confirmed.

RCE Command Injection HP +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Rce in HPE StoreOnce backup storage software. One of 6 critical CVEs.

RCE Command Injection Storeonce System
NVD
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been classified as critical. This affects the function RP_checkCredentialsByBBS of the file /goform/RP_checkCredentialsByBBS. The manipulation of the argument pwd leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re6250 Firmware +4
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RP_checkFWByBBS of the file /goform/RP_checkFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re7000 Firmware +4
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this vulnerability is the function RP_UpgradeFWByBBS of the file /goform/RP_UpgradeFWByBBS. The manipulation of the argument type/ch/ssidhex/security/extch/pwd/mode/ip/nm/gw leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware +4
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the argument ExtChSelector/24GSelector/5GSelector leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6500 Firmware +4
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ip/nm/gw leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re7000 Firmware +4
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware +4
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re7000 Firmware Re9000 Firmware +4
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the argument uid/accessToken leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re6350 Firmware Re6500 Firmware +4
NVD GitHub VulDB
EPSS 2% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection Re9000 Firmware Re6250 Firmware +4
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH This Week

Critical vulnerability in Diviotec professional series devices that combines arbitrary command injection via a web interface endpoint with hardcoded credentials, allowing authenticated attackers to execute arbitrary commands with high impact on confidentiality, integrity, and availability. The CVSS 8.6 score reflects the severity of command injection paired with hardcoded passwords that eliminate authentication barriers. This vulnerability affects network-accessible professional series devices and represents an immediate risk in environments where these devices are deployed, particularly where adjacent network access is possible.

Command Injection
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Critical remote code execution vulnerability affecting Netcom NTC 6200 and NWL 222 series network devices. The vulnerability stems from multiple command injection flaws in the web interface combined with hardcoded credentials, allowing authenticated remote attackers to execute arbitrary commands with elevated privileges. With a CVSS score of 8.6 and an attack vector requiring only adjacent network access and low privileges, this vulnerability poses significant risk to organizations deploying these devices in networked environments.

RCE Command Injection
NVD
EPSS 3% CVSS 8.6
HIGH POC This Week

GetSimple CMS is a content management system. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE +1
NVD GitHub
EPSS 1% CVSS 7.1
HIGH This Week

An OS Command Injection issue exists in wivia 5 all versions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Wivia 5 Firmware
NVD
EPSS 2% CVSS 9.4
CRITICAL This Week

An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE File Upload
NVD
Prev Page 26 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy