CWE-78: OS Command Injection

This CVE describes a command injection vulnerability in the MitraStar GPT-2741GNAC router's ping functionality. Authenticated users can execute arbitr...

This vulnerability allows authenticated attackers with administrator privileges to execute arbitrary operating system commands on affected Zyxel NAS32...

This CVE describes an OS command injection vulnerability in Parks Fiberlink 210 routers that allows attackers to execute arbitrary commands on the dev...

This vulnerability allows authenticated users with administrative privileges to execute arbitrary operating system commands on affected Wi-Fi AP UNIT ...

This vulnerability allows authenticated attackers with root/administrator privileges to execute arbitrary OS commands through improper input validatio...

CVE-2023-28742 is an authenticated remote command execution vulnerability in F5 BIG-IP DNS iQuery mesh functionality. An authenticated attacker with n...

This CVE describes an OS command injection vulnerability in Fortinet FortiWeb web application firewalls. Attackers can execute arbitrary commands on a...

This CVE describes an OS command injection vulnerability in Barracuda CloudGen WAN Private Edge Gateway devices. Authenticated attackers can execute a...

This is a post-authentication command injection vulnerability in Zyxel firewall devices that allows authenticated administrators to execute arbitrary ...

This vulnerability allows authenticated administrators on SerComm h500s devices to execute arbitrary operating system commands as root via command inj...

This CVE describes an authenticated remote command injection vulnerability in Aruba ClearPass Policy Manager. Attackers with valid credentials can exe...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on FortiWAN devices through the web GUI. Attackers ca...

This CVE describes an OS command injection vulnerability in Reolink RLC-410W IP cameras. Attackers can execute arbitrary commands on the device by inj...

This CVE describes an OS command injection vulnerability in Reolink RLC-410W cameras where an attacker can execute arbitrary commands by manipulating ...

CVE-2020-28884 is an OS command injection vulnerability in Liferay Portal Server that allows authenticated administrators to execute arbitrary operati...

Dell VNX2 OE for File versions 8.1.21.266 and earlier contain an authenticated remote code execution vulnerability. A malicious user with valid creden...

CVE-2021-3584 is a server-side remote code execution vulnerability in Foreman that allows authenticated attackers to inject malicious commands through...

This CVE allows remote attackers to execute arbitrary commands on affected HPE Aruba Instant Access Points (IAPs) without authentication. The vulnerab...

This CVE allows remote attackers to execute arbitrary commands on affected HPE Aruba Instant Access Points (IAPs) without authentication. The vulnerab...

This vulnerability allows authenticated attackers on the Telus Wi-Fi Hub's local network to execute arbitrary commands with root privileges. Attackers...

This CVE describes a command injection vulnerability in multiple IP camera devices from UDP Technology, Geutebrück, and other vendors. Attackers can ...

This CVE describes a command injection vulnerability in multiple IP camera devices from UDP Technology, Geutebrück, and other vendors. Attackers can ...

This vulnerability allows authenticated users in Redaxo CMS to execute arbitrary PHP code on the server by uploading malicious modules. It affects Red...

This CVE describes an authenticated command injection vulnerability in Siemens SINEC NMS that allows administrative users to execute arbitrary system ...

This CVE allows remote attackers to execute arbitrary commands on affected Aruba switches by exploiting improper neutralization of special elements in...

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on Mimosa wireless devices through command injection ...

This vulnerability allows remote attackers to execute arbitrary commands on D-LINK DIR-3040 routers by sending specially crafted network requests to t...

CVE-2021-34610 is a remote command execution vulnerability in Aruba ClearPass Policy Manager that allows attackers to execute arbitrary commands on af...

This vulnerability allows authenticated high-privilege attackers to execute arbitrary system commands on Weidmueller Industrial WLAN devices by inject...

This vulnerability allows remote authenticated attackers to execute arbitrary operating system commands on IBM Security Guardium systems by sending sp...

This CVE describes a command injection vulnerability in Avaya Session Border Controller for Enterprise that allows authenticated remote attackers to e...

This vulnerability allows remote attackers with administrator access to ASUS BMC firmware to execute arbitrary commands via command injection in the W...

This vulnerability allows remote attackers with administrative privileges in baserCMS to execute arbitrary operating system commands. It affects baser...

CVE-2021-26962 is a remote authenticated command injection vulnerability in Aruba AirWave Management Platform that allows authenticated attackers to e...

This CVE describes a remote authenticated command injection vulnerability in Aruba ClearPass Policy Manager that allows authenticated attackers to exe...

This CVE describes a remote authenticated command injection vulnerability in Aruba ClearPass Policy Manager. Authenticated attackers can execute arbit...

This CVE describes a remote authenticated command injection vulnerability in Aruba ClearPass Policy Manager. Authenticated attackers can execute arbit...

This vulnerability allows remote attackers with administrator privileges in FileZen to execute arbitrary operating system commands. It affects FileZen...

CVE-2020-35578 is an OS command injection vulnerability in Nagios XI's Manage Plugins page that allows authenticated admin users to execute arbitrary ...

This vulnerability allows authenticated management users on SonicWall SMA100 appliances to execute arbitrary operating system commands via HTTP POST p...

This vulnerability allows authenticated remote attackers to execute arbitrary operating system commands with elevated privileges on Trend Micro InterS...

This vulnerability allows remote authenticated admin users in Nagios XI 5.7.3 to execute arbitrary operating system commands with apache user privileg...

CVE-2020-2038 is an OS command injection vulnerability in PAN-OS management interfaces that allows authenticated administrators to execute arbitrary o...

This vulnerability allows attackers with administrator cookies to inject malicious commands through improperly validated URLs in Cellopoint CelloOS. I...

CVE-2020-16205 is an OS command injection vulnerability in Geutebruck G-Cam and G-Code devices that allows remote authenticated attackers to execute a...

This CVE allows remote attackers to execute arbitrary operating system commands on affected GPON ONU devices by injecting shell metacharacters into th...

CVE-2020-4512 is an OS command injection vulnerability in IBM QRadar SIEM that allows authenticated privileged users to execute arbitrary commands on ...

This CVE describes an OS command injection vulnerability in PAN-OS management interfaces that allows authenticated administrators to execute arbitrary...

This vulnerability allows authenticated remote attackers with administrative privileges to execute arbitrary commands on Cisco TelePresence and RoomOS...

An OS command injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privi...