CWE-78: OS Command Injection

This vulnerability allows physically present attackers to execute arbitrary code with root privileges on Kenwood DMX958XR car multimedia systems by ex...

This vulnerability allows physically present attackers to execute arbitrary code with root privileges on Kenwood DMX958XR car multimedia receivers by ...

This vulnerability allows physically present attackers to execute arbitrary code with root privileges on Kenwood DMX958XR car multimedia systems by ex...

A command injection vulnerability in Poly Clariti Manager versions before 10.12.2 allows privileged users to execute arbitrary commands on the system....

This vulnerability in the ns_backup TYPO3 extension allows attackers to execute arbitrary commands on the server through command injection. It affects...

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where an attacker can execute arbitrary commands via the 'week' pa...

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers via the 'desc' parameter in the setWiFiScheduleCfg function. Attac...

This vulnerability allows a malicious or compromised MacPorts mirror to execute arbitrary commands with root privileges on client machines during the ...

CVE-2024-56137 is a remote command execution vulnerability in MaxKB's function library module that allows privileged users to execute arbitrary operat...

This vulnerability allows remote authenticated attackers to execute arbitrary commands on IBM Security Directory Integrator systems by sending special...

This vulnerability allows remote attackers to execute arbitrary operating system commands on affected TOTOLINK routers via the /boafrm/formSysCmd comp...

This vulnerability allows physically present attackers to execute arbitrary code on Visteon infotainment systems by exploiting command injection in th...

This vulnerability allows physically present attackers to execute arbitrary code on Visteon infotainment systems by injecting commands through crafted...

This vulnerability allows authenticated attackers with administrator privileges on the local network to execute arbitrary operating system commands on...

This vulnerability allows physically present attackers to execute arbitrary code with root privileges on Alpine Halo9 infotainment systems without aut...

CVE-2024-39607 is an OS command injection vulnerability in ELECOM wireless LAN routers that allows authenticated administrators to execute arbitrary o...

An authenticated command injection vulnerability in HPE Aruba EdgeConnect SD-WAN gateways allows attackers with CLI access to execute arbitrary comman...

This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows attackers to execute arbitrary commands on the device. The...

This vulnerability allows network-adjacent attackers with Telnet credentials to execute arbitrary commands as root on D-Link DAP-2622 access points. T...

This vulnerability allows network-adjacent attackers to execute arbitrary code with root privileges on D-Link DIR-1935 routers by bypassing authentica...

This vulnerability allows network-adjacent attackers to execute arbitrary code as root on D-Link DIR-1935 routers by bypassing authentication and expl...

This vulnerability allows authenticated attackers on the same network to bypass authentication and execute arbitrary code with root privileges on D-Li...

This vulnerability allows authenticated attackers on the same network to execute arbitrary code with root privileges on D-Link DIR-1935 routers by exp...

A command injection vulnerability in the AOS-CX Operating System allows authenticated remote attackers to execute arbitrary commands on affected syste...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems. A high-privileged attacker with local access can ex...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...

Dell Cloud Disaster Recovery versions before 19.20 contain an OS command injection vulnerability that allows high-privileged local attackers to execut...

This vulnerability in EdgeConnect SD-WAN's command line interface allows authenticated attackers to execute arbitrary operating system commands throug...

This CVE describes an OS command injection vulnerability in Fortinet FortiWeb's command-line interface that allows privileged attackers to execute arb...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. A high-privileged attacker with local access can...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. A high-privileged attacker with local access can...

This vulnerability allows a high-privileged attacker with local access to execute arbitrary OS commands with root privileges on Dell PowerProtect Data...

A local privilege escalation vulnerability in Juniper Junos OS and Junos OS Evolved allows high-privileged local attackers to execute arbitrary comman...

This CVE describes an OS command injection vulnerability in Fortinet FortiManager and FortiAnalyzer products. Attackers can execute arbitrary commands...

This CVE describes an OS command injection vulnerability in Fortinet FortiMail and FortiRecorder products. Attackers with CLI access can execute arbit...

This CVE describes an OS command injection vulnerability in Fortinet FortiVoice phone systems. Authenticated privileged attackers can execute arbitrar...

This CVE describes an OS command injection vulnerability in Fortinet FortiAP devices that allows local authenticated attackers to execute arbitrary co...

This CVE describes OS command injection vulnerabilities in Fortinet FortiManager and FortiAnalyzer products. Authenticated privileged attackers can ex...

CVE-2025-48069 is a command injection vulnerability in ejson2env versions before 2.0.8 where insufficient output sanitization allows malicious content...

This OS command injection vulnerability in Drupal AI allows attackers to execute arbitrary operating system commands on the server. It affects Drupal ...

This OS command injection vulnerability in Fortinet FortiWeb allows attackers to execute arbitrary commands on affected devices by sending specially c...

This CVE describes an OS command injection vulnerability in UD-LT2 firmware that allows authenticated CLI users to execute arbitrary operating system ...

This vulnerability allows attackers with administrative privileges in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) to inject com...

This CVE describes an OS command injection vulnerability in Fortinet FortiDDoS and FortiDDoS-F products. An authenticated attacker can execute arbitra...

This CVE describes an OS command injection vulnerability in QNAP Media Streaming add-on that allows authenticated administrators to execute arbitrary ...

This vulnerability allows authenticated administrators on Cisco UCS Manager to execute arbitrary operating system commands with root privileges due to...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...