Skip to main content

OS Command Injection

web CRITICAL

OS command injection occurs when an application passes unsanitized user input directly into system shell commands.

How It Works

OS command injection occurs when an application passes unsanitized user input directly into system shell commands. Instead of treating input as pure data, the shell interprets special characters as command separators or modifiers, allowing attackers to append arbitrary commands. Common injection points include system(), exec(), popen(), and backtick operators in languages like PHP, Python, and Ruby.

Attackers exploit shell metacharacters to break out of the intended command context. On both Unix and Windows, semicolons (;), pipes (|), and logical operators (&&, ||) chain multiple commands. Unix shells additionally interpret backticks and $() for command substitution, while newlines can also separate statements. For example, if an application executes ping -c 4 $USER_IP, an attacker supplying 8.8.8.8; cat /etc/passwd causes the server to run two commands sequentially.

Attacks manifest in three variants. Visible injection returns command output in the HTTP response, giving immediate feedback. Blind injection produces no direct output, requiring time-based detection (using sleep or timeout commands) or out-of-band confirmation via DNS lookups or HTTP callbacks to attacker-controlled servers. Attackers can also redirect output to web-accessible files for later retrieval.

Impact

  • Complete server compromise — execute any command with the application's privileges, often www-data or root
  • Lateral movement — scan internal networks, pivot to backend systems unreachable from the internet
  • Data exfiltration — dump databases, read configuration files containing credentials, access sensitive business data
  • Persistence mechanisms — install cron jobs, add SSH keys, deploy web shells for continued access
  • Denial of service — crash services, fill disk space, consume CPU resources
  • Supply chain attacks — modify application code or deployment artifacts to compromise downstream users

Real-World Examples

The Ivanti Cloud Service Appliance suffered CVE-2024-8190, where command injection in the administrative interface allowed unauthenticated attackers to execute arbitrary OS commands. CISA added it to the Known Exploited Vulnerabilities catalog after observing active exploitation against enterprise networks.

GitLab experienced multiple command injection vulnerabilities over the years, including issues in repository import functionality where Git URLs containing shell metacharacters were passed unsanitized to system commands, enabling remote code execution on self-hosted instances.

Network equipment frequently contains these flaws. Various Netgear routers have exhibited command injection in ping diagnostic tools, where user-supplied IP addresses were concatenated directly into shell commands without validation, granting attackers complete device control.

Mitigation

  • Eliminate OS commands entirely — use native language libraries (filesystem APIs, network functions) instead of shelling out
  • Strict input allowlisting — permit only exact matches against predefined values; validate format with regex before any processing
  • Parameterized execution APIs — use execve() or language equivalents that pass arguments as arrays, bypassing the shell interpreter completely
  • Principle of least privilege — run application processes with minimal permissions to limit compromise impact
  • Input validation — enforce expected patterns (IP addresses, alphanumeric IDs) but never rely on blacklisting metacharacters

Recent CVEs (7746)

EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in mirweiye wenkucms up to 3.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A security vulnerability has been detected in Tenda AC18 15.03.05.19. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was identified in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was determined in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability has been found in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A flaw has been found in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was detected in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A weakness has been identified in D-Link DIR-823X 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was detected in Keyfactor RG-EW5100BE EW_3.0B11P280_EW5100BE-PRO_12183019. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 5.5
MEDIUM This Month

A vulnerability was identified in WAYOS LQ_04, LQ_05, LQ_06, LQ_07 and LQ_09 22.03.17. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD VulDB
EPSS 0% CVSS 7.7
HIGH This Month

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Microsoft Windows
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

An issue was discovered in DIR-823 firmware 20250416. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 823x Firmware
NVD GitHub
EPSS 0% CVSS 7.3
HIGH POC This Month

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2 devices, contain a command injection vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection G1 Firmware Go2 Firmware +2
NVD GitHub
EPSS 0% CVSS 8.2
HIGH This Month

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parameter (within restart_wifi_ap and restart_wifi_sta). Rated high severity (CVSS 8.2), this vulnerability is no authentication required. No vendor patch available.

Command Injection
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Hutool
NVD GitHub
EPSS 1% CVSS 9.3
CRITICAL This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.4.0cu.1458_B20250708. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
EPSS 0% CVSS 8.4
HIGH This Month

This vulnerability allows attackers to execute arbitrary commands on the underlying system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 8.4
HIGH This Month

This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A weakness has been identified in Wavlink NU516U1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Swagger Petstore
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Swagger Petstore
NVD GitHub
EPSS 0% CVSS 5.1
MEDIUM POC This Month

A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Nu516u1 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A flaw has been found in Wavlink NU516U1 M16U1_V240425. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 2% CVSS 8.6
HIGH POC This Week

Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PostgreSQL Nagios Xi
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Cloud Disaster Recovery
NVD
EPSS 0% CVSS 8.5
HIGH This Month

Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Ericsson Indoor Connect 8855 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

ADB MCP Server is a MCP (Model Context Protocol) server for interacting with Android devices through ADB. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Google Adb Mcp Server +1
NVD GitHub
EPSS 0% CVSS 8.7
HIGH POC PATCH This Week

git-commiters is a Node.js function module providing committers stats for their git repository. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Node.js Git Commiters
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.4.0cu.1360_B20241207. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
EPSS 1% CVSS 9.3
CRITICAL This Week

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.4.0cu.1360_B20241207. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Command Injection Apple
NVD
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Datart
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Week

OS Command injection vulnerability in D-Link C1 2020-02-21. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Di 7100G Firmware
NVD GitHub
EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Cryptolib
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Week

An issue in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 allows remote attackers to execute arbitrary code via the submit_size.php component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE +1
NVD GitHub
EPSS 4% CVSS 6.5
MEDIUM POC This Month

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda Ac9 Firmware
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Plugin_Manager.php file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE +2
NVD GitHub
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection File Upload
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL Act Now

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD VulDB
EPSS 0% CVSS 8.5
HIGH This Month

An OS command injection vulnerability has been discovered in the Vitogate 300, which can be exploited by malicious users to compromise affected installations. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD VulDB GitHub
EPSS 0% CVSS 8.8
HIGH This Week

The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3 models, are vulnerable to. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

In 2wcom IP-4c 2.16, the web interface allows admin and manager users to execute arbitrary code as root via a ping or traceroute field on the TCP/IP screen. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD GitHub
EPSS 0% CVSS 2.0
LOW POC Monitor

A security vulnerability has been detected in Wavlink WL-NU516U1 240425. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW Monitor

A weakness has been identified in Ruijie 6000-E10 up to 2.4.3.6-20171117. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD GitHub VulDB
EPSS 0% CVSS 1.1
LOW Monitor

A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. Rated low severity (CVSS 2.0). No vendor patch available.

Command Injection
NVD VulDB
EPSS 7% CVSS 6.1
MEDIUM KEV THREAT Act Now

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Command Injection Email Security Gateway
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection HP RCE +1
NVD
EPSS 59% 6.6 CVSS 9.0
CRITICAL POC KEV THREAT Emergency

CentOS Web Panel (CWP) allows unauthenticated remote code execution through OS command injection in the filemanager changePerm request's t_total parameter.

Command Injection RCE Webpanel
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda Ac6 Firmware
NVD GitHub
EPSS 59% 6.8 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Fortra GoAnywhere MFT contains a deserialization vulnerability in the License Servlet allowing command injection through crafted license response signatures.

Command Injection Deserialization Goanywhere Managed File Transfer
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

A command injection vulnerability in COMFAST CF-XR11 (firmware V2.7.2) exists in the multi_pppoe API, processed by the sub_423930 function in /usr/bin/webmgnt. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Command Injection RCE +1
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was identified in D-Link DIR-645 105B01.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM Monitor

IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user supplied input. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection IBM Watsonx Data
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Clipbucket
NVD Exploit-DB
EPSS 0% CVSS 8.4
HIGH This Week

The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Python Command Injection RCE
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was determined in D-Link DIR-852 1.00CN B09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in D-Link DIR-852 1.00CN B09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL This Week

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Denial Of Service Nvidia +6
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 8.3
HIGH This Week

In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection RCE Junie
NVD
EPSS 0% CVSS 9.3
CRITICAL This Week

Certain models of Industrial Cellular Gateway developed by Planet Technology have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 8.0
HIGH This Week

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Red Hat
NVD
EPSS 0% CVSS 8.6
HIGH This Month

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 8.7
HIGH This Month

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 7.2
HIGH This Month

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba
NVD
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Privilege Escalation Eve X1 Server Firmware
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD VulDB
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Command Injection PHP +1
NVD
EPSS 0% CVSS 8.0
HIGH POC This Week

Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execution (RCE) vulnerability via the Object parameter in the openwrt_getConfig function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Br 6473Ax Firmware
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM This Month

FreePBX is an open-source web-based graphical user interface. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Freepbx
NVD GitHub
EPSS 66% CVSS 9.8
CRITICAL POC THREAT Emergency

TOTOLINK X6000R router firmware V9.4.0cu.1360_B20241207 contains an unauthenticated command injection in the sub_417D74 function via the file_name parameter. Remote attackers can execute arbitrary commands on the router without authentication through crafted HTTP requests.

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
EPSS 0% CVSS 3.7
LOW Monitor

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Kubernetes Mcp Kubernetes Server
NVD GitHub
EPSS 0% CVSS 3.7
LOW Monitor

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod". Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Kubernetes Mcp Kubernetes Server
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Chaos Mesh +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection RCE Chaos Mesh +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Chaos Mesh +1
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was detected in D-Link DIR-823x up to 250416. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was detected in Wavlink WL-WN578W2 221110. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A security vulnerability has been detected in Wavlink WL-WN578W2 221110. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
Prev Page 21 of 87 Next

Quick Facts

Typical Severity
CRITICAL
Category
web
Total CVEs
7746

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy