CWE-78: OS Command Injection

CVE-2022-33328 is a critical command injection vulnerability in Robustel R1510 routers that allows remote attackers to execute arbitrary commands via ...

This CVE describes a command injection vulnerability in D-Link DIR-645 routers where attackers can execute arbitrary commands via the QUERY_STRING par...

CVE-2022-31767 is a critical OS command injection vulnerability in IBM CICS TX that allows remote attackers to execute arbitrary commands on affected ...

CVE-2022-26147 is an OS command injection vulnerability in Quectel RG502Q-EA modems that allows attackers to execute arbitrary commands with root priv...

This CVE describes an OS command injection vulnerability in TRENDnet TEW-831DR routers that allows authenticated attackers to execute arbitrary shell ...

This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on WAVLINK AERIAL X 1200M routers by sending specia...

This vulnerability allows remote attackers to execute arbitrary code on Tenda AC18 routers by sending specially crafted requests to the Mac parameter ...

CVE-2022-30308 allows unauthenticated attackers to execute arbitrary system commands with root privileges on Festo CECC-X-M1 controllers via command i...

This vulnerability allows unauthenticated attackers to execute arbitrary system commands with root privileges on Festo Controller CECC-X-M1 devices. A...

CVE-2022-1986 is an OS command injection vulnerability in Gogs (a self-hosted Git service) that allows attackers to execute arbitrary commands on the ...

CVE-2021-42890 is a critical remote command injection vulnerability in TOTOLINK EX1200T routers that allows unauthenticated attackers to execute arbit...

CVE-2021-42884 is a remote command injection vulnerability in TOTOLINK EX1200T routers that allows unauthenticated attackers to execute arbitrary comm...

This CVE describes a command injection vulnerability in TOTOLINK EX1200T routers that allows remote attackers to execute arbitrary commands on affecte...

This CVE describes an OS command injection vulnerability in the Turistforeningen node-s3-uploader npm package for Node.js. Attackers can execute arbit...

This CVE describes an OS command injection vulnerability in Mintzo Docker-Tester that allows attackers to execute arbitrary commands on the host syste...

This vulnerability allows attackers to execute arbitrary operating system commands on systems running the vulnerable proctree Node.js package. Attacke...

This CVE-2022-1813 is an OS command injection vulnerability in the rengine reconnaissance tool that allows attackers to execute arbitrary commands on ...

Belkin N300 routers running firmware version 1.00.08 contain multiple remote command injection vulnerabilities in the /setting_hidden.asp script. Atta...

This vulnerability allows remote attackers to execute arbitrary operating system commands on affected FUJITSU Network IPCOM devices through the web co...

CVE-2022-1357 is a critical OS command injection vulnerability in Cambium Networks cnMaestro On-Premise that allows unauthenticated attackers to execu...

This vulnerability allows remote attackers to execute arbitrary commands on FeMiner wms V1.0 systems by exploiting improper input validation in the da...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers by injecting malicious commands into the devicename...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers via command injection in the firmware upgrade filen...

This CVE describes a command injection vulnerability in D-Link DIR-816 routers that allows attackers to execute arbitrary commands on the device. Atta...

This CVE describes a command injection vulnerability in D-Link DIR882 routers that allows attackers to execute arbitrary commands with root privileges...

This CVE describes a command injection vulnerability in D-Link DIR882 routers that allows attackers to execute arbitrary commands with root privileges...

This CVE describes a command injection vulnerability in TOTOLink N600R routers where an attacker can execute arbitrary commands via the langtype param...

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers via command injection in the ipdoamin parameter. At...

This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...

This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...

This CVE describes an OS command injection vulnerability in Artica Proxy's cyrus.events.php file. Attackers can execute arbitrary operating system com...

This CVE describes a command injection vulnerability in Tenda AC15 routers that allows attackers to execute arbitrary commands on the device. When com...

CVE-2022-28055 is a command injection vulnerability in FusionPBX's email log download function that allows authenticated attackers to execute arbitrar...

CVE-2022-28573 is a critical command injection vulnerability in D-Link DIR-823-Pro routers that allows attackers to execute arbitrary system commands ...

D-Link DIR-882 routers running firmware version A1_FW130B06 contain a command injection vulnerability in the /usr/bin/cli binary. This allows authenti...

This vulnerability allows remote attackers to execute arbitrary operating system commands on Telesquare SDT-CW3B1 devices without authentication. Atta...

CVE-2022-1440 is a command injection vulnerability in git-interface@2.1.1 that allows attackers to execute arbitrary operating system commands by expl...

The npm-dependency-versions package through version 0.3.0 contains a command injection vulnerability that allows attackers to execute arbitrary shell ...

CVE-2022-27268 is a remote code execution vulnerability in InHand Networks InRouter 900 Industrial 4G Router that allows attackers to execute arbitrar...

CVE-2022-27270 is a remote code execution vulnerability in InHand Networks InRouter 900 Industrial 4G Routers that allows attackers to execute arbitra...

CVE-2022-27272 is a remote code execution vulnerability in InHand Networks InRouter 900 Industrial 4G Router that allows attackers to execute arbitrar...

CVE-2022-27274 is a critical remote code execution vulnerability in InHand Networks InRouter 900 Industrial 4G Routers. Attackers can execute arbitrar...

CVE-2022-27276 is a remote code execution vulnerability in InHand Networks InRouter 900 Industrial 4G Router that allows attackers to execute arbitrar...

This CVE describes a command injection vulnerability in the Wavlink WL-WN531P3 router's API that allows remote attackers to execute arbitrary commands...

CVE-2021-46007 is a critical command injection vulnerability in TOTOLINK A3100R routers that allows attackers to execute arbitrary operating system co...

This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on D-Link DIR-820L routers via HTTP POST requests to the 'get...

CVE-2022-27811 is a critical OS command injection vulnerability in GNOME OCRFeeder that allows attackers to execute arbitrary commands on the system b...

CVE-2022-26290 is a command injection vulnerability in Tenda M3 routers that allows attackers to execute arbitrary commands on the device. This affect...

CVE-2022-26265 is a critical remote command execution vulnerability in Contao Managed Edition v1.5.0 that allows attackers to execute arbitrary comman...

This vulnerability allows remote attackers to execute arbitrary commands on Tenda AC9 routers via the SetIPTVCfg function. Attackers can gain full con...