CWE-78: OS Command Injection

This CVE describes a command injection vulnerability in HGiga iSherlock email security products (MailSherlock, SpamSherlock, AuditSherlock). Remote at...

This vulnerability allows remote authenticated attackers with administrative privileges to execute arbitrary operating system commands on SVR-116 devi...

Dell vApp Manager versions prior to 9.2.4.9 contain a command injection vulnerability (CWE-78) that allows authorized attackers to execute arbitrary c...

This OS command injection vulnerability in openEuler's aops-zeus component allows attackers to execute arbitrary commands on affected Linux systems. T...

SOY CMS versions before 3.14.2 contain an OS command injection vulnerability in the file upload feature. Administrators can exploit this by uploading ...

This CVE describes a post-authentication command injection vulnerability in Zyxel firewall and access point firmware. An authenticated attacker with a...

This CVE describes a command injection vulnerability in Security Center that allows authenticated administrators to execute arbitrary code on the host...

Dell PowerProtect Data Manager versions 19.15 and earlier contain an OS command injection vulnerability that allows remote authenticated high-privileg...

This CVE describes an authenticated command injection vulnerability in TP-Link ER7206 Omada VPN routers. An attacker with valid credentials can execut...

This vulnerability allows authenticated attackers to execute arbitrary commands on TP-Link ER7206 Omada Gigabit VPN Router by sending specially crafte...

This vulnerability allows authenticated attackers to execute arbitrary commands on the TP-Link ER7206 Omada Gigabit VPN Router via a post-authenticati...

This vulnerability allows authenticated attackers to execute arbitrary commands on TP-Link ER7206 Omada Gigabit VPN Router devices by sending speciall...

This critical vulnerability in TRENDnet TEW-800MB routers allows remote attackers to execute arbitrary operating system commands by manipulating the D...

This critical vulnerability in Poly VoIP devices allows remote attackers to execute arbitrary operating system commands via the Diagnostic Telnet Mode...

This CVE describes an OS command injection vulnerability in Dell PowerProtect DD's administrator CLI. A remote attacker with high privileges can execu...

Dell vApp Manager versions prior to 9.2.4.x contain a command injection vulnerability (CWE-78) that allows remote authenticated users with high privil...

Dell vApp Manager versions prior to 9.2.4.x contain a command injection vulnerability (CWE-78) that allows remote attackers with high privileges to ex...

This vulnerability allows malicious local administrators to execute arbitrary operating system commands with root privileges by exploiting improper in...

This vulnerability in SINEC INS allows malicious administrators to upload specially crafted certificates through the RADIUS configuration mechanism, b...

Dell DM5500 5.14.0.0 contains an OS command injection vulnerability that allows authenticated attackers with high privileges to execute arbitrary oper...

This vulnerability allows authenticated users with Learning Path upload permissions to execute arbitrary commands on the server through command inject...

This critical vulnerability allows remote attackers to execute arbitrary operating system commands on Tecno 4G Portable WiFi devices via command injec...

CVE-2023-47675 is an OS command injection vulnerability in CubeCart e-commerce software that allows authenticated administrators to execute arbitrary ...

This vulnerability allows authenticated attackers to execute arbitrary commands on affected Hanwha Vision cameras through command injection in request...

This vulnerability allows remote attackers with administrator privileges to execute arbitrary commands on Chunghwa Telecom NOKIA G-040W-Q routers thro...

This vulnerability allows authenticated remote attackers with valid device credentials (no admin privileges required) to execute arbitrary commands on...

This vulnerability in Cisco IOS XE Software allows authenticated remote attackers to execute arbitrary commands with root privileges via the web UI. A...

CVE-2023-33839 is an OS command injection vulnerability in IBM Security Verify Governance 10.0 that allows authenticated remote attackers to execute a...

An authenticated OS command injection vulnerability in Peplink Surf SOHO HW1 routers allows attackers to execute arbitrary commands via specially craf...

This CVE describes an OS command injection vulnerability in Peplink Surf SOHO HW1 routers that allows authenticated attackers to execute arbitrary com...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on Peplink Surf SOHO HW1 devices via command injectio...

This vulnerability allows remote authenticated attackers with privileged access to execute arbitrary commands on Dolibarr ERP CRM systems. Attackers c...

This vulnerability allows authenticated attackers with administrator or privileged accounts in SUNNET WMPro portal to execute arbitrary system command...

This vulnerability allows authenticated privileged users in Cacti 1.2.24 to perform command injection through SNMP device configuration, leading to re...

CVE-2022-43907 is an OS command injection vulnerability in IBM Security Guardium that allows authenticated remote attackers to execute arbitrary comma...

This vulnerability allows remote attackers to execute arbitrary commands on TN-5900 Series devices due to insufficient input validation in the certifi...

This CVE describes a command injection vulnerability in Moxa TN-4900 and TN-5900 series industrial routers. Insufficient input validation in certifica...

This vulnerability allows remote attackers with SNMPv2 write privileges to gain full administrative access to PHOENIX CONTACT WP 6xxx series web panel...

CVE-2023-21411 is an OS command injection vulnerability in Axis camera access control settings that allows authenticated attackers to execute arbitrar...

CVE-2023-35019 is an OS command injection vulnerability in IBM Security Verify Governance, Identity Manager 10.0 that allows authenticated remote atta...

This vulnerability allows authenticated OTRS administrators to execute arbitrary commands on the server through improper input sanitization in the Sys...

This vulnerability allows privileged attackers to execute arbitrary bash commands on FortiWeb web application firewalls through crafted CLI backup par...

Two OS command injection vulnerabilities in the zebra vlan_name functionality of Milesight UR32L routers allow remote attackers to execute arbitrary c...

This CVE describes an OS command injection vulnerability in the ys_thirdparty system_user_script functionality of Milesight UR32L routers. Attackers c...

This CVE describes an OS command injection vulnerability in multiple NEC Aterm router models that allows authenticated attackers with high privileges ...

This vulnerability allows authenticated users with elevated privileges in Lenovo XClarity Administrator (LXCA) to execute arbitrary commands through c...

This CVE describes a command injection vulnerability in the MitraStar GPT-2741GNAC router's ping functionality. Authenticated users can execute arbitr...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on affected Zyxel NAS32...

This CVE describes an OS command injection vulnerability in Parks Fiberlink 210 routers that allows attackers to execute arbitrary commands on the dev...

This vulnerability allows authenticated users with administrative privileges to execute arbitrary operating system commands on affected Wi-Fi AP UNIT ...