CWE-77: Command Injection
The product constructs all or part of a command using externally-influenced input, but does not neutralize special elements that could modify the intended command.
All Command Injection CVEs (1,188)
This vulnerability in ClearPass Policy Manager allows authenticated remote attackers to execute arbitrary commands as root on the underlying operating...
Feb 27, 2024
This vulnerability in Aruba ClearPass Policy Manager allows authenticated remote users to execute arbitrary commands on the underlying host with root ...
Feb 27, 2024
This vulnerability in Aruba ClearPass Policy Manager allows authenticated remote attackers to execute arbitrary commands as root on the underlying ope...
Feb 27, 2024
This vulnerability allows authenticated attackers to execute arbitrary commands on GTB Central Console systems through command injection in the DNS se...
Feb 2, 2024
This critical vulnerability in TRENDnet TEW-822DRE routers allows remote attackers to execute arbitrary commands via command injection in the ping fun...
Jan 26, 2024
This vulnerability in the Newsletters WordPress plugin allows administrators to execute arbitrary SQL queries and shell commands on the server due to ...
Jan 16, 2024
This vulnerability allows authenticated administrators on Peplink Balance Two routers to execute arbitrary commands as root via command injection in t...
Dec 25, 2023
This vulnerability in Apache StreamPark allows authenticated users with system-level permissions to execute arbitrary commands through Maven compilati...
Dec 15, 2023
This vulnerability allows a malicious administrator in Jellyfin to execute arbitrary code on the server by exploiting a path traversal issue in the me...
Dec 13, 2023
This CVE describes a command injection vulnerability in PRTG Network Monitor's DICOM C-ECHO sensor. Authenticated users with write permissions can exp...
Aug 9, 2023
This CVE describes an OS command injection vulnerability in the libzebra.so library's change_hostname function in Milesight UR32L routers. Attackers c...
Jul 6, 2023
This CVE describes an OS command injection vulnerability in the Milesight UR32L router's user deletion functionality. Attackers can execute arbitrary ...
Jul 6, 2023
Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Jul 5, 2023
This vulnerability allows authenticated privileged remote attackers to execute arbitrary commands with root privileges on Siemens CP-8031 and CP-8050 ...
Jun 13, 2023
This vulnerability allows authenticated admin users to execute arbitrary Linux commands as root on Kratos SpectralNet Narrowband devices. Attackers ca...
Jun 12, 2023
This vulnerability allows authenticated attackers with internal network access to execute arbitrary commands on MiVoice Connect systems through comman...
May 24, 2023
This is a command injection vulnerability in Linksys E2000 routers that allows authenticated attackers to execute arbitrary commands with shell privil...
May 23, 2023
This CVE describes a command injection vulnerability in Linksys WRT54GL routers that allows authenticated attackers to execute arbitrary commands with...
May 22, 2023
This vulnerability allows authenticated privileged remote attackers to execute arbitrary commands with root privileges on affected SIMATIC Cloud Conne...
May 9, 2023
This CVE describes authenticated command injection vulnerabilities in Aruba InstantOS and ArubaOS 10 command line interfaces. Attackers with authentic...
May 8, 2023
WBCE CMS 1.5.3 contains a command injection vulnerability in admin/languages/install.php that allows authenticated attackers to execute arbitrary comm...
Apr 18, 2023
This vulnerability allows authenticated users in Zoho ManageEngine ADManager Plus to execute arbitrary commands through proxy settings. Attackers with...
Apr 13, 2023
This CVE describes a post-authentication command injection vulnerability in Sophos Web Appliance's exception wizard. It allows authenticated administr...
Apr 4, 2023
CVE-2023-1458 is a command injection vulnerability in Ubiquiti EdgeRouter X's OSPF handler that allows authenticated attackers to execute arbitrary co...
Mar 25, 2023
CVE-2023-1456 is a post-authentication command injection vulnerability in Ubiquiti EdgeRouter X's NAT Configuration Handler. Attackers with administra...
Mar 25, 2023
This CVE describes an authenticated remote code execution vulnerability in Aruba's AOS-CX Network Analytics Engine. Attackers with valid credentials c...
Mar 22, 2023
A command injection vulnerability in Array Networks APV products allows authenticated administrators to execute arbitrary shell commands via crafted p...
Mar 15, 2023
This is a critical command injection vulnerability in DrayTek Vigor 2960 routers that allows attackers to execute arbitrary commands on the device by ...
Mar 3, 2023
CVE-2023-22759 is an authenticated remote command injection vulnerability in ArubaOS web management interfaces. It allows authenticated attackers to e...
Mar 1, 2023
CVE-2023-22761 allows authenticated attackers to execute arbitrary commands as privileged users on ArubaOS devices through the web management interfac...
Mar 1, 2023
This CVE describes authenticated command injection vulnerabilities in ArubaOS command line interface that allow attackers to execute arbitrary command...
Mar 1, 2023
Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Mar 1, 2023
CVE-2023-22767 allows authenticated attackers to execute arbitrary commands with privileged access on ArubaOS devices through command injection in the...
Mar 1, 2023
This CVE describes authenticated command injection vulnerabilities in ArubaOS command line interface. Attackers with valid credentials can execute arb...
Mar 1, 2023
This vulnerability allows authenticated users of NetModule NSRW web administration interface to execute arbitrary operating system commands with eleva...
Feb 16, 2023
This critical vulnerability in TRENDnet TEW-811DRU routers allows remote attackers to execute arbitrary commands through the web interface. Attackers ...
Feb 2, 2023
This critical vulnerability in TRENDnet TEW-652BRP routers allows remote attackers to execute arbitrary commands via the web interface's ping.ccp file...
Feb 2, 2023
This CVE describes a command injection vulnerability in multiple Totolink router models that allows attackers to execute arbitrary commands on affecte...
Jul 6, 2022
This CVE describes an OS command injection vulnerability in InHand Networks InRouter302's console factory functionality. Attackers can execute arbitra...
May 12, 2022
This is a command injection vulnerability in Nagios XI 5.8.5 that allows authenticated administrators to execute arbitrary system commands by uploadin...
Oct 26, 2021
This CVE describes a remote arbitrary command execution vulnerability in Aruba ClearPass Policy Manager. Attackers can execute arbitrary commands on a...
Oct 15, 2021
This CVE describes a remote arbitrary command execution vulnerability in Aruba ClearPass Policy Manager. Attackers can execute arbitrary commands on a...
Oct 15, 2021
This CVE allows remote attackers to execute arbitrary commands on Aruba ClearPass Policy Manager systems without authentication. It affects ClearPass ...
Oct 15, 2021
This vulnerability allows authenticated administrators on NETGEAR R6020 routers to execute arbitrary shell commands by injecting shell metacharacters ...
Sep 17, 2021
This vulnerability allows remote command injection in the meshd routing service on Xiaomi AX3600 routers, enabling attackers to execute arbitrary comm...
Sep 16, 2021
This CVE allows remote attackers to execute arbitrary commands on affected Aruba SD-WAN and gateway devices. The vulnerability stems from improper neu...
Sep 7, 2021
This CVE allows remote attackers to execute arbitrary commands on Aruba SD-WAN and gateway devices running vulnerable ArubaOS versions. Attackers can ...
Sep 7, 2021
This CVE allows remote attackers to execute arbitrary commands on Aruba SD-WAN and gateway devices through improper neutralization of special elements...
Sep 7, 2021
This CVE allows remote attackers to execute arbitrary commands on ArubaOS network devices without authentication. It affects ArubaOS versions prior to...
Sep 7, 2021
CVE-2020-12967 is a vulnerability in AMD's SEV/SEV-ES memory encryption technology where lack of nested page table protection could allow a compromise...
May 13, 2021
About Command Injection (CWE-77)
Our database tracks 1,188 CVEs classified as CWE-77, with 460 rated critical and 507 rated high severity. The average CVSS score for Command Injection vulnerabilities is 8.3.