CWE-78: OS Command Injection

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Att...

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers, allowing attackers to execute arbitrary commands via the url paramete...

CVE-2023-38319 is a command injection vulnerability in OpenNDS that allows attackers with access to the configuration file to execute arbitrary operat...

CVE-2023-38317 is a command injection vulnerability in OpenNDS that allows attackers with access to the configuration file to execute arbitrary operat...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOlink EX1800T routers by exploiting improper input validation in the se...

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers via the ip parameter in the setDmzCfg function. Attackers can execute ...

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Att...

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands via the pass param...

CVE-2023-51984 is a critical command injection vulnerability in D-Link DIR-822+ routers that allows remote attackers to execute arbitrary commands wit...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOlink A3700R routers via the setDiagnosisCfg function. Attackers can ga...

This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-815 routers by sending a specially crafted POST request to the soap...

Tenda M3 routers running firmware version 1.0.0.12(4856) contain a command injection vulnerability in the TendaTelnet function. This allows remote att...

This CVE describes a command injection vulnerability in Tenda W9 routers that allows attackers to execute arbitrary commands on the device. Attackers ...

This CVE describes a command injection vulnerability in Tenda W9 routers that allows attackers to execute arbitrary commands on the device. The vulner...

This vulnerability allows unauthenticated attackers to execute arbitrary commands on AVEVA Edge systems. It affects all versions R2020 and prior, pote...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Dasan Networks W-Web devices through improper input sanit...

This vulnerability allows remote attackers to execute arbitrary shell commands on GL.iNET GL-AR300M routers by injecting malicious commands into packa...

This vulnerability allows remote attackers to execute arbitrary system commands on DrayTek Vigor167 routers via OS command injection in the CLI interf...

This CVE describes a command injection vulnerability in TOTOLINK X6000R routers where improper input validation in the shttpd component allows attacke...

This CVE describes a command injection vulnerability in TOTOLINK X6000R routers where improper input validation in the shttpd component allows attacke...

This CVE describes a command injection vulnerability in TOTOLINK X6000R routers where improper input validation in the shttpd component allows attacke...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers by exploiting improper input validation in the sht...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X6000R routers by exploiting improper input validation in the sht...

An unauthenticated command injection vulnerability in Zyxel NAS web servers allows attackers to execute arbitrary OS commands by sending specially cra...

This critical command injection vulnerability in Zyxel NAS devices allows unauthenticated attackers to execute arbitrary operating system commands via...

This critical OS command injection vulnerability in NEC DT900/DT900S Series allows attackers to execute arbitrary commands on affected devices. All ve...

CVE-2023-3368 is an unauthenticated command injection vulnerability in Chamilo LMS that allows remote attackers to execute arbitrary commands on affec...

This critical vulnerability allows unauthenticated remote attackers to execute arbitrary system commands with root privileges through the web-based ma...

This vulnerability allows unauthenticated remote attackers to execute arbitrary operating system commands on systems running vulnerable versions of Ra...

This CVE describes an OS command injection vulnerability in Fortinet FortiSIEM that allows attackers to execute arbitrary commands on affected systems...

This vulnerability in tinyfiledialogs allows shell command injection through insufficient input sanitization of shell metacharacters in dialog titles ...

This vulnerability allows remote attackers to execute arbitrary commands on Netis N3Mv2 routers by injecting malicious input into the ntpServIP parame...

This CVE describes an OS command injection vulnerability in Fortinet FortiWLM that allows attackers to execute arbitrary commands on affected systems ...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Fortinet FortiWLM devices through crafted HTTP GET reques...

Sangfor Next-Gen Application Firewall NGAF8.0.17 has an unauthenticated remote command injection vulnerability in the /LogInOut.php endpoint. Attacker...

CVE-2023-33269 is a critical OS command injection vulnerability in DTS Monitoring 3.57.0 that allows attackers to execute arbitrary commands on the un...

This vulnerability allows remote attackers to execute arbitrary operating system commands on DTS Monitoring servers through command injection in the S...

CVE-2023-33273 is a critical OS command injection vulnerability in DTS Monitoring 3.57.0 that allows attackers to execute arbitrary commands on the se...

This CVE describes a command injection vulnerability in Netis N3Mv2 routers version V1.0.1.865. Attackers can execute arbitrary commands on the device...

This vulnerability allows remote attackers to execute arbitrary code on PGYER CodeFever systems by sending a specially crafted request to the branchLi...

An OS command injection vulnerability in EasyPHP Webserver 14.1 allows attackers to execute arbitrary commands on the underlying operating system by s...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Freewill iFIS (SMART Trade) servers by injecting shell me...

CVE-2023-41149 is an OS command injection vulnerability in F-RevoCRM versions 7.3.7 and 7.3.8 that allows authenticated attackers to execute arbitrary...

CVE-2023-40582 is a command injection vulnerability in find-exec utility versions before 1.0.3 that allows attackers to execute arbitrary shell comman...

This vulnerability allows remote command execution on Tenda AC6 routers by exploiting unfiltered input in the formSetIptv function. Attackers can exec...

This vulnerability allows remote attackers to execute arbitrary commands on Tenda AC6 routers by sending specially crafted requests to the 'formSetIpt...

CVE-2023-41109 is an unauthenticated OS command injection vulnerability in SmartNode SN200 devices. Attackers can execute arbitrary commands on affect...

This CVE describes an OS command injection vulnerability in specific ELECOM wireless LAN routers, allowing attackers with access to the device to exec...

CVE-2023-38692 is a critical command injection vulnerability in CloudExplorer Lite's module management installation function that allows attackers to ...

CVE-2023-33374 allows remote attackers to execute arbitrary operating system commands on Connected IO devices by abusing a management protocol feature...