Skip to main content

OS Command Injection

web CRITICAL

OS command injection occurs when an application passes unsanitized user input directly into system shell commands.

How It Works

OS command injection occurs when an application passes unsanitized user input directly into system shell commands. Instead of treating input as pure data, the shell interprets special characters as command separators or modifiers, allowing attackers to append arbitrary commands. Common injection points include system(), exec(), popen(), and backtick operators in languages like PHP, Python, and Ruby.

Attackers exploit shell metacharacters to break out of the intended command context. On both Unix and Windows, semicolons (;), pipes (|), and logical operators (&&, ||) chain multiple commands. Unix shells additionally interpret backticks and $() for command substitution, while newlines can also separate statements. For example, if an application executes ping -c 4 $USER_IP, an attacker supplying 8.8.8.8; cat /etc/passwd causes the server to run two commands sequentially.

Attacks manifest in three variants. Visible injection returns command output in the HTTP response, giving immediate feedback. Blind injection produces no direct output, requiring time-based detection (using sleep or timeout commands) or out-of-band confirmation via DNS lookups or HTTP callbacks to attacker-controlled servers. Attackers can also redirect output to web-accessible files for later retrieval.

Impact

  • Complete server compromise — execute any command with the application's privileges, often www-data or root
  • Lateral movement — scan internal networks, pivot to backend systems unreachable from the internet
  • Data exfiltration — dump databases, read configuration files containing credentials, access sensitive business data
  • Persistence mechanisms — install cron jobs, add SSH keys, deploy web shells for continued access
  • Denial of service — crash services, fill disk space, consume CPU resources
  • Supply chain attacks — modify application code or deployment artifacts to compromise downstream users

Real-World Examples

The Ivanti Cloud Service Appliance suffered CVE-2024-8190, where command injection in the administrative interface allowed unauthenticated attackers to execute arbitrary OS commands. CISA added it to the Known Exploited Vulnerabilities catalog after observing active exploitation against enterprise networks.

GitLab experienced multiple command injection vulnerabilities over the years, including issues in repository import functionality where Git URLs containing shell metacharacters were passed unsanitized to system commands, enabling remote code execution on self-hosted instances.

Network equipment frequently contains these flaws. Various Netgear routers have exhibited command injection in ping diagnostic tools, where user-supplied IP addresses were concatenated directly into shell commands without validation, granting attackers complete device control.

Mitigation

  • Eliminate OS commands entirely — use native language libraries (filesystem APIs, network functions) instead of shelling out
  • Strict input allowlisting — permit only exact matches against predefined values; validate format with regex before any processing
  • Parameterized execution APIs — use execve() or language equivalents that pass arguments as arrays, bypassing the shell interpreter completely
  • Principle of least privilege — run application processes with minimal permissions to limit compromise impact
  • Input validation — enforce expected patterns (IP addresses, alphanumeric IDs) but never rely on blacklisting metacharacters

Recent CVEs (7746)

EPSS 0% CVSS 6.5
MEDIUM This Month

An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE File Upload
NVD
EPSS 1% CVSS 9.4
CRITICAL This Week

aws-mcp-server MCP server is vulnerable to command injection. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Month

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Command Injection RCE Llamaindex +1
NVD GitHub
EPSS 12% CVSS 9.3
CRITICAL POC THREAT Emergency

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.3% and no vendor patch available.

Command Injection PHP Authentication Bypass
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Command Injection RCE +1
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE Mozilla
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Netcore NBR1005GPEV2, NBR200V2 and B6V2 up to 20250508 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 2.1
LOW Monitor

A vulnerability, which was classified as critical, was found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2, NBR200V2 and POWER13 up to 20250508. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub VulDB
EPSS 3% CVSS 2.9
LOW POC Monitor

A vulnerability was found in Qualitor 8.20/8.24. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Microsoft Command Injection PHP
NVD VulDB
EPSS 11% CVSS 7.4
HIGH POC THREAT This Month

A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Command Injection PHP Flir Ax8 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware +1
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Week

On MOBOTIX P3 cameras before MX-V4.7.2.18 and Mx6 cameras before MX-V5.2.0.61, the tcpdump feature does not properly validate input, which allows authenticated users to execute code. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 1% CVSS 6.9
MEDIUM This Month

A vulnerability was found in Fujian Kelixun 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM POC Monitor

Asterisk is an open-source private branch exchange (PBX). Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Command Injection Asterisk +1
NVD GitHub
EPSS 10% CVSS 7.2
HIGH POC THREAT Act Now

An issue was discovered in Infoblox NETMRI before 7.6.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.3% and no vendor patch available.

Command Injection Netmri
NVD
EPSS 0% CVSS 8.8
HIGH This Month

eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP RCE +1
NVD
EPSS 0% CVSS 8.8
HIGH This Month

eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP RCE +1
NVD
EPSS 0% CVSS 8.8
HIGH This Month

eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection PHP RCE +1
NVD
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

ejson2env allows users to decrypt EJSON secrets and export them as environment variables. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Suse
NVD GitHub
EPSS 1% CVSS 2.3
LOW POC Monitor

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Killwxapkg
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Cisco Duo
NVD
EPSS 46% 6.1 CVSS 8.7
HIGH POC KEV THREAT Act Now

Meteobridge weather station web interface contains a command injection vulnerability allowing unauthenticated remote attackers to execute arbitrary commands through crafted requests to CGI endpoints.

Command Injection Meteobridge Vm Meteobridge Firmware
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

The ns_backup extension through 13.0.0 for TYPO3 allows command injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 6% CVSS 6.5
MEDIUM POC This Week

AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Aapanel
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt.php script. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Linksys Fgw3000 Ah Firmware +1
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Linksys Fgw3000 Ah Firmware +1
NVD GitHub VulDB
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Command Injection Wl Wn579a3 Firmware
NVD
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Command Injection Wl Wn579a3 Firmware
NVD
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

RCE Command Injection Code Injection +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Di 8100G Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

The vCenter Server contains an authenticated command-execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection VMware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The ChatGPT system through 2025-03-30 performs inline rendering of SVG documents (instead of, for example, rendering them as text inside a code block), which enables HTML injection within most modern. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Chatgpt
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote authenticated attackers to execute arbitrary code via the (1) lang parameter to /international/keyboard/options;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Dc Netscope
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection N300rh Firmware TOTOLINK
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection N300rh Firmware TOTOLINK
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection N300rh Firmware TOTOLINK
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Bohua NetDragon Firewall 1.0 and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection A3002r Firmware A3002ru Firmware +1
NVD GitHub VulDB
EPSS 3% CVSS 7.2
HIGH POC This Week

The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection WordPress RCE +1
NVD WPScan
EPSS 1% CVSS 9.3
CRITICAL This Week

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier when. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
EPSS 0% CVSS 8.9
HIGH PATCH This Month

motionEye is an online interface for the software motion, a video surveillance program with motion detection. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 1% CVSS 8.5
HIGH This Week

iTop is an web based IT Service Management tool. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection RCE Itop
NVD GitHub
EPSS 8% CVSS 8.8
HIGH POC PATCH This Week

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Command Injection Code Injection +2
NVD
EPSS 8% CVSS 9.1
CRITICAL This Week

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could result. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE Coldfusion
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Visual Studio 2019 Visual Studio 2022
NVD
EPSS 15% CVSS 9.8
CRITICAL POC THREAT Emergency

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.4%.

Command Injection A3002r Firmware TOTOLINK
NVD GitHub
EPSS 91% 6.2 CVSS 10.0
CRITICAL POC THREAT Emergency

NetAlertX (formerly PiAlert) versions 23.01.14 through 24.x before 24.10.12 allow unauthenticated command injection through the settings update API. The savesettings function lacks authentication, enabling attackers to modify arbitrary configuration values and inject OS commands that execute on the host system.

Command Injection PHP Authentication Bypass +1
NVD
EPSS 0% CVSS 8.5
HIGH This Month

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Siemens Scalance Lpe9403 Firmware
NVD
EPSS 1% CVSS 9.4
CRITICAL This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE
NVD
EPSS 1% CVSS 9.4
CRITICAL This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE
NVD
EPSS 1% CVSS 9.4
CRITICAL This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE
NVD
EPSS 1% CVSS 10.0
CRITICAL This Week

A vulnerability has been identified in OZW672 (All versions < V8.0), OZW772 (All versions < V8.0). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Ozw672 Firmware +1
NVD
EPSS 2% CVSS 10.0
CRITICAL This Week

The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Command Injection Deserialization +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE File Upload +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda RCE +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a rendered link in the conversation, due to opening external website in the app and the exposure of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Month

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Code Injection +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A950rg Firmware TOTOLINK
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Event Booking Calendar
NVD
EPSS 1% CVSS 8.5
HIGH This Week

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Big Ip Access Policy Manager Big Ip Advanced Firewall Manager +19
NVD
EPSS 0% CVSS 4.5
MEDIUM This Month

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. No vendor patch available.

Command Injection
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Sma 100 Firmware Sma 200 Firmware +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Catalyst Sd Wan Manager
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Command Injection Cisco +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Command Injection Cisco +1
NVD
EPSS 1% CVSS 8.8
HIGH This Month

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Command Injection Cisco +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacao_treinamento/,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD
EPSS 0% CVSS 9.4
CRITICAL PATCH Act Now

goshs is a SimpleHTTPServer written in Go. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Suse
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL Act Now

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Authentication Bypass
NVD
EPSS 0% CVSS 1.1
LOW Monitor

Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Command Injection Hashicorp +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in the component /internals/functions of R-fx Networks Linux Malware Detect v1.6.5 allows attackers to escalate privileges and execute arbitrary code via supplying a file that contains a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Storage Manager
NVD
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Ex8000 Firmware
NVD GitHub
EPSS 12% CVSS 9.8
CRITICAL POC THREAT Emergency

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.9%.

Command Injection Linksys E5600 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Linksys E5600 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Linksys E5600 Firmware
NVD GitHub
EPSS 10% CVSS 9.8
CRITICAL POC Act Now

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Linksys E5600 Firmware
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Linksys E5600 Firmware
NVD GitHub
EPSS 7% CVSS 5.1
MEDIUM POC This Month

A vulnerability was found in Tenda RX3 16.03.13.11_multi. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda Rx3 Firmware
NVD GitHub VulDB
EPSS 5% CVSS 8.7
HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
EPSS 5% CVSS 8.7
HIGH This Week

A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
Prev Page 27 of 87 Next

Quick Facts

Typical Severity
CRITICAL
Category
web
Total CVEs
7746

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy