CWE-78: OS Command Injection

This CVE describes an OS command injection vulnerability in AE1021 and AE1021PE firmware that allows authenticated users to execute arbitrary operatin...

An authenticated Remote Code Execution vulnerability in AirWave CLI allows authenticated attackers to execute arbitrary commands with privileged user ...

This vulnerability allows remote authenticated attackers with administrative privileges to execute arbitrary operating system commands on affected IO-...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on Zyxel VMG4005-B50A d...

This vulnerability allows remote attackers with administrator credentials to execute arbitrary system commands on affected Billion Electric routers vi...

This vulnerability allows authenticated attackers with Administrator-level WordPress access to execute arbitrary code on the server via the cron_inter...

This OS command injection vulnerability in Advantech EKI-6333 series industrial wireless access points allows attackers to execute arbitrary commands ...

This OS command injection vulnerability in Advantech EKI-6333 series industrial switches allows attackers to execute arbitrary commands on affected de...

This OS command injection vulnerability in Advantech EKI-6333 series industrial switches allows attackers to execute arbitrary commands on affected de...

This OS command injection vulnerability in Advantech EKI-6333 series industrial switches allows attackers to execute arbitrary commands on affected de...

This OS command injection vulnerability in Advantech EKI-6333 series industrial switches allows attackers to execute arbitrary commands on affected de...

This OS command injection vulnerability in Advantech EKI series industrial switches allows attackers to execute arbitrary commands on affected devices...

This CVE describes three authenticated OS command injection vulnerabilities in MC Technologies MC LR Router's web interface. An attacker with valid cr...

This CVE describes a privilege escalation vulnerability in Palo Alto Networks PAN-OS software where an authenticated administrator with access to the ...

This CVE describes an OS command injection vulnerability in D-Link DSL6740C modems that allows authenticated attackers with administrator privileges t...

The D-Link DSL6740C modem has an OS command injection vulnerability that allows authenticated attackers with administrator privileges to execute arbit...

The D-Link DSL6740C modem has an OS command injection vulnerability that allows authenticated attackers with administrator privileges to execute arbit...

CVE-2024-10653 is an OS command injection vulnerability in IDExpert software from CHANGING Information Technology. Attackers with administrative acces...

A command injection vulnerability in the Edge Computing UI for TRO600 series radios allows attackers with write access to execute arbitrary system com...

MangoOS versions before 5.2.0 contain an authenticated remote code execution vulnerability in the Active Process Command feature. This allows authenti...

CVE-2024-8957 is an OS command injection vulnerability in PTZOptics PT30X-SDI/NDI cameras that allows arbitrary command execution via insufficient val...

This CVE describes an authenticated command injection vulnerability in ArubaOS CLI that allows authenticated attackers to execute arbitrary commands w...

This vulnerability in Lenovo XClarity Controller (XCC) allows authenticated users with elevated privileges to execute arbitrary commands or cause a re...

This privilege escalation vulnerability in Lenovo XClarity Controller (XCC) allows authenticated users with elevated privileges to execute arbitrary c...

This CVE describes a command injection vulnerability in Palo Alto Networks PAN-OS software that allows authenticated administrators to bypass system r...

This vulnerability allows authenticated attackers with Administrator privileges on Cisco Routed PON Manager or direct MongoDB access to execute arbitr...

An OS command injection vulnerability in Ivanti Cloud Services Appliance allows authenticated attackers with admin privileges to execute arbitrary com...

This vulnerability allows authenticated administrators on affected Zyxel firewalls to execute arbitrary operating system commands through command inje...

This is a post-authentication command injection vulnerability in multiple Zyxel firewall series. An authenticated attacker with administrator privileg...

This vulnerability allows remote attackers with administrator privileges to execute arbitrary operating system commands on CAYIN Technology CMS server...

This vulnerability allows authenticated attackers with administrative access to KAON AR2140 routers to execute arbitrary shell commands via crafted re...

CVE-2024-33896 is a code injection vulnerability in Cosy+ industrial remote access gateways that allows attackers to execute arbitrary commands on aff...

This CVE describes a privilege escalation vulnerability in Lenovo XClarity Controller (XCC) SSH captive command shell interface. Authenticated XCC use...

This privilege escalation vulnerability in Lenovo XClarity Controller (XCC) allows authenticated users with elevated privileges to execute arbitrary c...

This CVE describes a privilege escalation vulnerability in Lenovo XCC (XClarity Controller) interfaces that allows authenticated users with elevated p...

This vulnerability allows remote attackers with administrative privileges to execute arbitrary operating system commands through a file writing functi...

This CVE describes three OS command injection vulnerabilities in Realtek rtl819x Jungle SDK's boa formWsc functionality. Attackers can execute arbitra...

This vulnerability allows a high-privileged remote attacker to execute arbitrary operating system commands via GET requests due to improper input sani...

This vulnerability allows remote attackers with administrator privileges to execute arbitrary system commands on ASKEY 5G NR Small Cell devices due to...

Openfind Mail2000 contains an OS command injection vulnerability in a specific API endpoint. Attackers with administrative access can exploit this to ...

This vulnerability allows authenticated administrators in ILIAS e-learning platforms to execute arbitrary operating system commands by uploading files...

This CVE describes a command injection vulnerability in the IOCTL interface handling OTA updates. An authenticated attacker can execute arbitrary comm...

This CVE describes authenticated command injection vulnerabilities in HPE Aruba Networking products that allow attackers with CLI access to execute ar...

This vulnerability allows authenticated WordPress administrators to execute arbitrary commands on the server through the Unlimited Elements For Elemen...

This CVE allows remote attackers with administrative privileges to execute arbitrary system commands on HGiga iSherlock products through command injec...

This CVE describes a command injection vulnerability in HGiga iSherlock email security products (MailSherlock, SpamSherlock, AuditSherlock). Remote at...

This vulnerability allows remote authenticated attackers with administrative privileges to execute arbitrary operating system commands on SVR-116 devi...

Dell vApp Manager versions prior to 9.2.4.9 contain a command injection vulnerability (CWE-78) that allows authorized attackers to execute arbitrary c...

This OS command injection vulnerability in openEuler's aops-zeus component allows attackers to execute arbitrary commands on affected Linux systems. T...

SOY CMS versions before 3.14.2 contain an OS command injection vulnerability in the file upload feature. Administrators can exploit this by uploading ...