CWE-78: OS Command Injection

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands i...

This CVE-2024-27778 is an OS command injection vulnerability in Fortinet FortiSandbox that allows authenticated attackers with read-only permissions t...

Authenticated command injection in Iocharger AC charging station firmware allows attackers with low-privilege accounts to execute arbitrary commands a...

This vulnerability allows authenticated remote attackers to execute arbitrary commands as root on vulnerable Webmin installations. Attackers can injec...

This vulnerability allows remote authenticated users to execute arbitrary commands on CyberPanel servers via shell injection in the phpSelection field...

This vulnerability allows remote authenticated attackers to execute arbitrary commands on IBM App Connect Enterprise Certified Container systems by se...

This vulnerability allows remote attackers to execute arbitrary commands with root privileges on Victure RX1800 WiFi 6 Router devices. Attackers can e...

This vulnerability allows remote attackers to execute arbitrary commands with root privileges on Victure RX1800 WiFi 6 Router devices. Attackers can e...

This vulnerability allows authenticated remote attackers to execute arbitrary system commands with root privileges on Cohesive Networks VNS3 installat...

This vulnerability allows authenticated remote attackers to execute arbitrary system commands with root privileges on Logsign Unified SecOps Platform ...

This OS command injection vulnerability in Rakuten Turbo 5G firmware allows remote authenticated attackers to execute arbitrary operating system comma...

StepSecurity's Harden-Runner versions before 2.10.2 contain command injection vulnerabilities via environment variables that could allow attackers to ...

This vulnerability allows an authenticated local attacker to execute arbitrary commands with root privileges on devices running ConfD CLI due to insuf...

This vulnerability allows remote attackers to execute arbitrary operating system commands on D-Link DIR_823G routers via command injection in the Addr...

This vulnerability allows remote attackers to execute arbitrary commands on Draytek Vigor3900 routers by injecting malicious commands into the mainfun...

This vulnerability allows remote attackers to execute arbitrary commands on Draytek Vigor3900 routers by injecting malicious commands into the mainfun...

CVE-2024-36060 allows remote attackers to execute arbitrary operating system commands on EnGenius EnStation5-AC devices by injecting shell metacharact...

This vulnerability allows remote attackers to execute arbitrary commands on Tenda AC7 routers without authentication. Attackers can inject malicious c...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Microchip TimeProvider 4100 devices through improper inpu...

This vulnerability in Cisco IOS XR Software allows authenticated local attackers with low-privileged accounts to gain root-level file system access th...

This vulnerability allows low-privileged remote attackers to execute arbitrary operating system commands with root privileges by exploiting improper i...

This vulnerability allows low-privileged remote attackers to execute arbitrary operating system commands as root on affected mGuard devices. Attackers...

A low-privileged remote attacker can read and write files as root on mGuard devices due to improper input sanitization of the EMAIL_RELAY_PASSWORD var...

This vulnerability allows remote attackers to execute arbitrary commands on affected D-Link routers by sending malicious input to the usb_paswd.asp CG...

This CVE describes an OS command injection vulnerability in QNAP operating systems that allows authenticated users to execute arbitrary commands via n...

This CVE describes a command injection vulnerability in the Linksys E1500 router's httpd service. An authenticated attacker can execute arbitrary oper...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on TOTOLINK X5000r routers through command injection ...

This CVE describes an authenticated OS command injection vulnerability in TOTOLINK X5000r routers. Attackers with valid credentials can execute arbitr...

This CVE describes an OS command injection vulnerability in TOTOLINK X5000r routers that allows authenticated attackers to execute arbitrary commands ...

This CVE describes an authenticated OS command injection vulnerability in TOTOLINK X5000r routers. Attackers with valid credentials can send specially...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on TOTOLINK X5000r routers through command injection ...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on TOTOLINK X5000r routers by sending malicious packe...

Softaculous Webuzo contains a command injection vulnerability in FTP management functionality that allows authenticated attackers to execute arbitrary...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Adtran 834-5 devices by injecting shell metacharacters in...

This vulnerability in Century Systems' FutureNet NXR, VXR, and WXR series allows authenticated users with debug function knowledge to execute arbitrar...

CVE-2024-39935 is an OS command injection vulnerability in jc21 NGINX Proxy Manager that allows authenticated users with certificate management privil...

Dell PowerProtect DD versions before 8.0 contain an OS command injection vulnerability in an admin operation. A remote attacker with low privileges ca...

CVE-2024-4748 is a command injection vulnerability in the CRUDDIY project that allows remote attackers to execute arbitrary shell commands on affected...

This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows remote attackers to execute arbitrary code via the iface p...

This vulnerability allows authenticated remote attackers to execute arbitrary system commands on A10 Thunder ADC devices. Attackers can achieve remote...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on ORing IAP-420 devices through the web interface. A...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link G416 wireless routers without authentication. Att...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X5000R routers via the disconnectVPN function. Attackers can gain...

CVE-2023-37407 is an OS command injection vulnerability in IBM Aspera Orchestrator that allows authenticated remote attackers to execute arbitrary com...

This vulnerability allows remote attackers to execute arbitrary code on Voltronic Power ViewPower Pro systems by injecting malicious commands into the...