CWE-78: OS Command Injection

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DAP-1325 routers without authentication. Attackers ca...

This vulnerability allows authenticated remote attackers to execute arbitrary commands with root privileges on Control Web Panel installations. Attack...

This vulnerability allows authenticated remote attackers to execute arbitrary commands with root privileges on Control Web Panel installations. The fl...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DAP-1325 routers without authentication. Attackers ca...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link DAP-1325 routers without authentication. Attacker...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DAP-1325 routers without authentication. The flaw exi...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link DAP-1325 routers without authentication. The flaw...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link DAP-1325 routers without authentication. Attacker...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link DAP-1325 routers without authentication. Attacker...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on D-Link DAP-1325 routers without authentication. Attacker...

This vulnerability allows attackers on the same local network to execute arbitrary commands with root privileges on NETGEAR RAX30 routers without auth...

This vulnerability allows network-adjacent attackers to execute arbitrary commands as root on TP-Link TL-WR841N routers without authentication. The fl...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DIR-X3260 routers without authentication. Attackers c...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DIR-2150 routers without authentication. The flaw exi...

This critical vulnerability in MailCleaner allows remote attackers to execute arbitrary operating system commands through admin endpoints. It affects ...

This vulnerability allows authenticated local attackers with read-only or higher privileges on Cisco Integrated Management Controller (IMC) devices to...

This format string vulnerability in Lenovo's SMM/SMM2 and FPC software allows authenticated users to execute arbitrary commands on a specific API endp...

CVE-2024-1655 is an OS command injection vulnerability in certain ASUS WiFi routers that allows authenticated remote attackers to execute arbitrary sy...

This CVE describes an OS command injection vulnerability in Fortinet FortiSandbox that allows attackers to execute arbitrary commands on affected syst...

CVE-2023-1082 is a command injection vulnerability that allows remote attackers with low-privileged access to execute arbitrary commands on affected s...

This CVE describes an OS command injection vulnerability in specific ELECOM wireless LAN routers that allows an unauthenticated attacker on the same n...

This CVE describes a command injection vulnerability in the diagnostics interface of Bosch Network Synchronizer devices. Unauthenticated attackers can...

This vulnerability allows remote command injection in PaddlePaddle's download utility. Attackers can execute arbitrary commands on systems using vulne...

This CVE describes an OS command injection vulnerability in multiple QNAP operating system versions that allows authenticated users to execute arbitra...

This CVE describes an OS command injection vulnerability in BIOVIA Materials Studio products that allows attackers to execute arbitrary commands on af...

This vulnerability allows remote attackers to execute arbitrary code on TenghuTOS TWS-200 devices by sending specially crafted commands to the ping pa...

This vulnerability allows authenticated users to execute arbitrary commands as root by injecting payloads into the 'destination' field of network test...

This vulnerability allows a network-adjacent attacker on the same LAN or Wi-Fi network to execute arbitrary operating system commands on affected TP-L...

This vulnerability allows an attacker on the same local network to execute arbitrary operating system commands on affected TP-LINK devices without aut...

This vulnerability in OX App Suite's OXMF template parser allows attackers to execute arbitrary system commands with the privileges of the non-privile...

This CVE describes an OS command injection vulnerability in QNAP Video Station that allows authenticated users to execute arbitrary commands on the sy...

CVE-2023-50094 is an OS command injection vulnerability in reNgine web application security scanner versions before 2.1.2. An authenticated attacker c...

This CVE describes an authenticated command injection vulnerability in Weintek cMT2078X HMI devices running easyWeb v2.1.3 and OS v20220215. Attackers...

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM that allows attackers to execute arbitrary commands on affected systems....

This vulnerability allows the lowest privilege user in MGT CloudPanel's File-Manager to execute arbitrary operating system commands through file owner...

This CVE describes an OS command injection vulnerability in AE1021PE and AE1021 firmware versions 2.0.9 and earlier. Attackers who can authenticate to...

This vulnerability allows low-privileged remote attackers to execute arbitrary system commands through file system libraries, potentially gaining full...

A post-authentication command injection vulnerability in Zyxel NAS devices allows authenticated attackers to execute arbitrary OS commands by sending ...

This OS command injection vulnerability in Univera Computer System Panorama allows attackers to execute arbitrary commands on the underlying operating...

This CVE describes an OS command injection vulnerability in QuMagie that allows authenticated users to execute arbitrary commands on the system. The v...

This vulnerability in ASUS RT-AX55 routers allows authenticated remote attackers to inject malicious commands through insufficient filtering of specia...

This vulnerability in ASUS RT-AX55 routers allows authenticated remote attackers to inject malicious commands through insufficient filtering of specia...

This vulnerability in Cisco ISE allows authenticated users with at least Read-only privileges to execute arbitrary commands on the underlying operatin...

CVE-2023-46117 is a remote code execution vulnerability in reconFTW caused by inadequate validation of retrieved subdomains. Attackers can exploit thi...

This OS command injection vulnerability in QUSBCam2 allows remote attackers to execute arbitrary commands on affected systems via network requests. Us...

This vulnerability allows remote attackers with administrative access to execute arbitrary code on Yealink SIP-T19P E2 phones via a crafted request to...

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM wireless LAN management systems. Attackers can execute arbitrary command...

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM wireless LAN management systems. Attackers can execute arbitrary command...

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM that allows attackers to execute arbitrary commands on affected systems....

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM wireless LAN management systems. Attackers can execute arbitrary command...