CWE-78: OS Command Injection

This OS command injection vulnerability in Centreon Infra Monitoring allows authenticated high-privilege users to inject arbitrary commands into polle...

This vulnerability allows authenticated administrators in Ivanti EPMM to execute arbitrary operating system commands through the admin panel, leading ...

This CVE describes an OS command injection vulnerability in Ivanti EPMM admin panel that allows authenticated administrators to execute arbitrary comm...

Two OS command injection vulnerabilities in Fortinet FortiVoice allow privileged attackers to execute arbitrary commands via crafted HTTP/HTTPS or CLI...

A privilege escalation vulnerability in Flowmon versions before 12.5.5 allows administrators with management interface access to execute unintended co...

A command injection vulnerability in QNAP operating systems allows authenticated attackers with administrator privileges to execute arbitrary commands...

This CVE describes an OS command injection vulnerability in I-O DATA WN-7D36QR and WN-7D36QR/UE wireless LAN routers. Remote authenticated attackers c...

This vulnerability allows authenticated remote attackers to execute arbitrary system commands on Vacron Camera devices via command injection in the we...

This CVE describes an OS command injection vulnerability in multiple products from iND Co.,Ltd. Attackers can execute arbitrary operating system comma...

This CVE describes an OS command injection vulnerability in Fortinet FortiADC that allows authenticated attackers with low privileges to execute arbit...

This CVE describes an authenticated OS command injection vulnerability in D-Link DIR-615H1 routers running firmware version 8.04. Attackers with defau...

This CVE describes an authenticated OS command injection vulnerability in Netgear DGN1000B routers that allows authenticated attackers to execute arbi...

This CVE describes an OS command injection vulnerability in Synology Router Manager's DDNS functionality. Authenticated administrators can execute arb...

This CVE describes an OS command injection vulnerability in ELECOM WRC-BE36QS-B and WRC-W701-B wireless routers. Remote attackers who can authenticate...

This vulnerability allows a high-privileged remote attacker to execute arbitrary operating system commands via GET requests to a cloud server communic...

This vulnerability allows authenticated high-privileged remote attackers to execute arbitrary operating system commands via POST requests to the send_...

This vulnerability allows authenticated attackers with high privileges in Ivanti Endpoint Manager Mobile (EPMM) to execute arbitrary operating system ...

CVE-2025-6770 is an OS command injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that allows authenticated attackers with high privileg...

CVE-2025-7145 is an OS command injection vulnerability in ThreatSonar Anti-Ransomware that allows remote attackers with intermediate platform privileg...

This CVE describes an OS command injection vulnerability in TB-eye network recorders and AHD recorders that allows authenticated attackers to execute ...

This OS command injection vulnerability in FortiADC allows authenticated attackers to execute arbitrary operating system commands via specially crafte...

This CVE describes an OS command injection vulnerability in wivia 5 that allows authenticated administrative users to execute arbitrary operating syst...

This vulnerability allows authenticated WordPress administrators to execute arbitrary operating system commands on the server via the 'cli_path' param...

A command injection vulnerability in SMA100 SSL-VPN appliances allows authenticated administrators to execute arbitrary shell commands by manipulating...

This vulnerability allows authenticated remote attackers to execute arbitrary commands on BEC Technologies routers by injecting malicious input into t...

This OS command injection vulnerability in Fortinet FortiIsolator allows attackers with super-admin privileges and CLI access to execute arbitrary com...

This vulnerability allows authenticated attackers with administrator-level WordPress access to execute arbitrary code on the server via the compressio...

CVE-2025-0255 is an OS command injection vulnerability in HCL DevOps Deploy/Launch that allows authenticated privileged attackers to execute arbitrary...

This CVE describes an OS command injection vulnerability in +F FS010M devices that allows authenticated administrators to execute arbitrary operating ...

This vulnerability allows privileged attackers to execute arbitrary operating system commands on FortiSandbox appliances through crafted requests. It ...

This vulnerability in Siemens SCALANCE LPE9403 industrial network devices allows authenticated high-privileged attackers to execute arbitrary code due...

This vulnerability allows an authenticated, highly-privileged remote attacker to execute arbitrary code on affected SCALANCE LPE9403 devices by exploi...

A vulnerability in SCALANCE LPE9403 industrial network devices allows authenticated high-privileged remote attackers to execute arbitrary code due to ...

This CVE describes a post-authentication command injection vulnerability in Zyxel VMG8825-T50K devices. An authenticated attacker with administrator p...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on Zyxel networking dev...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on affected Zyxel devic...

This CVE describes an OS command injection vulnerability in UD-LT2 firmware that allows authenticated attackers with administrative privileges to exec...

This vulnerability allows authenticated privileged attackers to execute arbitrary commands on IBM DevOps Deploy and UrbanCode Deploy systems by sendin...

This OS command injection vulnerability in Fortinet FortiAnalyzer and FortiManager products allows authenticated privileged attackers to execute arbit...

This CVE describes an OS command injection vulnerability in Fortinet FortiWeb web application firewalls. Attackers can execute arbitrary commands on a...

This vulnerability allows authenticated attackers with administrative access to execute arbitrary operating system commands on UD-LT2 devices. Attacke...

This vulnerability allows remote attackers to execute arbitrary operating system commands on affected NEC Aterm routers via network access. Attackers ...

This CVE describes an OS command injection vulnerability in Fortinet FortiManager and FortiManager Cloud products. Authenticated remote attackers can ...

This vulnerability allows administrative users of Sharp Home 5G HR02 and Wi-Fi STATION SH-54C devices to execute arbitrary operating system commands w...

This CVE describes an OS command injection vulnerability in AE1021 and AE1021PE firmware that allows authenticated users to execute arbitrary operatin...

An authenticated Remote Code Execution vulnerability in AirWave CLI allows authenticated attackers to execute arbitrary commands with privileged user ...

This vulnerability allows remote authenticated attackers with administrative privileges to execute arbitrary operating system commands on affected IO-...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on Zyxel VMG4005-B50A d...

This vulnerability allows remote attackers with administrator credentials to execute arbitrary system commands on affected Billion Electric routers vi...

This vulnerability allows authenticated attackers with Administrator-level WordPress access to execute arbitrary code on the server via the cron_inter...