Search
Total
1192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19907 | 1 Craftercms | 1 Crafter Cms | 2018-12-26 | 6.5 MEDIUM | 8.8 HIGH |
| A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page. | |||||
| CVE-2018-12316 | 1 Asustor | 2 As602t, Data Master | 2018-12-21 | 9.0 HIGH | 8.8 HIGH |
| OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands by modifying the filename POST parameter. | |||||
| CVE-2018-12307 | 1 Asustor | 2 As602t, Data Master | 2018-12-20 | 9.0 HIGH | 8.8 HIGH |
| OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter. | |||||
| CVE-2018-12312 | 1 Asustor | 2 As602t, Data Master | 2018-12-20 | 9.0 HIGH | 8.8 HIGH |
| OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter. | |||||
| CVE-2015-6396 | 1 Cisco | 6 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130w Wireless-n Multifunction Vpn Router and 3 more | 2018-12-15 | 7.2 HIGH | 7.8 HIGH |
| The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567. | |||||
| CVE-2018-10587 | 1 Netgain-systems | 1 Enterprise Manager | 2018-12-12 | 9.0 HIGH | 7.2 HIGH |
| NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution. | |||||
| CVE-2018-19070 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2018-12-11 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action. | |||||
| CVE-2018-19073 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2018-12-11 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access. | |||||
| CVE-2018-3937 | 1 Sony | 28 Snc-eb600, Snc-eb600 Firmware, Snc-eb600b and 25 more | 2018-11-16 | 6.5 MEDIUM | 7.2 HIGH |
| An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-16282 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-11-05 | 9.0 HIGH | 8.8 HIGH |
| A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. | |||||
| CVE-2018-15887 | 1 Asus | 2 Dsl-n12e C1, Dsl-n12e C1 Firmware | 2018-11-05 | 6.5 MEDIUM | 8.8 HIGH |
| Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request. | |||||
| CVE-2018-15553 | 1 Telus | 2 Actiontec T2200h, Actiontec T2200h Firmware | 2018-11-01 | 9.0 HIGH | 8.8 HIGH |
| fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices allows OS Command Injection via shell metacharacters in the smbdUserid or smbdPasswd field. | |||||
| CVE-2018-16334 | 1 Tendacn | 4 Ac10, Ac10 Firmware, Ac9 and 1 more | 2018-10-25 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection. | |||||
| CVE-2018-15154 | 1 Open-emr | 1 Openemr | 2018-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/billing/sl_eob_search.php after modifying the "print_command" global variable in interface/super/edit_globals.php. | |||||
| CVE-2018-15153 | 1 Open-emr | 1 Openemr | 2018-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php. | |||||
| CVE-2018-15155 | 1 Open-emr | 1 Openemr | 2018-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/fax_dispatch.php after modifying the "hylafax_enscript" global variable in interface/super/edit_globals.php. | |||||
| CVE-2018-15156 | 1 Open-emr | 1 Openemr | 2018-10-10 | 6.5 MEDIUM | 8.8 HIGH |
| OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php. | |||||
| CVE-2015-7611 | 1 Apache | 1 James Server | 2018-10-09 | 9.3 HIGH | 8.1 HIGH |
| Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors. | |||||
| CVE-2015-2280 | 1 Airlink101 | 2 Skyipcam1620w Wireless N Mpeg4 3gpp, Skyipcam1620w Wireless N Mpeg4 3gpp Firmware | 2018-10-09 | 9.0 HIGH | 8.8 HIGH |
| snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter. | |||||
| CVE-2018-12483 | 1 Ocsinventory-ng | 1 Ocsinventory Ng | 2018-10-02 | 9.0 HIGH | 8.8 HIGH |
| OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string used in an exec() call in the PHP code. Authentication is needed in order to exploit this vulnerability. | |||||
| CVE-2018-4010 | 1 Protonvpn | 1 Protonvpn | 2018-09-20 | 7.2 HIGH | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges. | |||||
| CVE-2018-3952 | 1 Nordvpn | 1 Nordvpn | 2018-09-20 | 7.2 HIGH | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the connect functionality of NordVPN 6.14.28.0. A specially crafted configuration file can cause a privilege escalation, resulting in the execution of arbitrary commands with system privileges. | |||||
| CVE-2018-0569 | 1 Basercms | 1 Basercms | 2018-08-21 | 6.5 MEDIUM | 8.8 HIGH |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-12591 | 1 Ubnt | 2 Edgeswitch, Edgeswitch Firmware | 2018-08-13 | 9.0 HIGH | 7.2 HIGH |
| Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions. | |||||
| CVE-2018-6211 | 1 D-link | 2 Dir-620, Dir-620 Firmware | 2018-08-11 | 9.0 HIGH | 7.2 HIGH |
| On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi. | |||||
| CVE-2017-14433 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability. | |||||
| CVE-2017-14434 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability. | |||||
| CVE-2017-14432 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the openvpnServer0_tmp= parameter in the "/goform/net\_Web\_get_value" uri to trigger this vulnerability. | |||||
| CVE-2017-12125 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the CN= parm in the "/goform/net_WebCSRGen" uri to trigger this vulnerability. | |||||
| CVE-2017-12121 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakey\_name= parm in the "/goform/WebRSAKEYGen" uri to trigger this vulnerability. | |||||
| CVE-2017-12120 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-15 | 9.0 HIGH | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the "/goform/net_WebPingGetValue" URI to trigger this vulnerability. | |||||
| CVE-2018-6021 | 1 Silextechnology | 4 Geh-sd-320an, Geh-sd-320an Firmware, Sd-320an and 1 more | 2018-06-13 | 6.5 MEDIUM | 7.4 HIGH |
| Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution. | |||||
| CVE-2018-3836 | 2 Debian, Leptonica | 2 Debian Linux, Leptonica | 2018-05-25 | 7.2 HIGH | 7.8 HIGH |
| An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability. | |||||
| CVE-2018-0556 | 1 Buffalo | 2 Wzr-1750dhp2, Wzr-1750dhp2 Firmware | 2018-05-16 | 8.3 HIGH | 8.8 HIGH |
| Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-1000118 | 1 Electronjs | 1 Electron | 2018-04-20 | 9.3 HIGH | 8.8 HIGH |
| Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to have been fixed in Electron 1.8.2-beta.5. This issue is due to an incomplete fix for CVE-2018-1000006, specifically the black list used was not case insensitive allowing an attacker to potentially bypass it. | |||||
| CVE-2018-1000006 | 2 Atom, Microsoft | 4 Electron, Windows 10, Windows 7 and 1 more | 2018-04-01 | 9.3 HIGH | 8.8 HIGH |
| GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. | |||||
| CVE-2018-0523 | 1 Buffalo | 2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware | 2018-03-26 | 8.3 HIGH | 8.8 HIGH |
| Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2015-4117 | 1 Vestacp | 1 Control Panel | 2018-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php. | |||||
| CVE-2018-7448 | 1 Cmsmadesimple | 1 Cms Made Simple | 2018-03-22 | 8.5 HIGH | 7.5 HIGH |
| Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure. | |||||
| CVE-2016-0291 | 1 Ibm | 1 Bigfix Platform | 2018-03-17 | 9.0 HIGH | 8.8 HIGH |
| IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302. | |||||
| CVE-2017-6230 | 1 Ruckuswireless | 2 Smartzone Managed Access Point Firmware, Solo Access Point Firmware | 2018-03-16 | 9.0 HIGH | 8.8 HIGH |
| Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems. | |||||
| CVE-2018-6926 | 1 Misp | 1 Misp | 2018-03-16 | 9.0 HIGH | 7.2 HIGH |
| In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator. | |||||
| CVE-2017-6229 | 1 Ruckuswireless | 30 H320, H320 Firmware, H510 and 27 more | 2018-03-12 | 9.0 HIGH | 8.8 HIGH |
| Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems. | |||||
| CVE-2018-1000019 | 1 Open-emr | 1 Openemr | 2018-03-01 | 9.0 HIGH | 8.8 HIGH |
| OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher. | |||||
| CVE-2018-6353 | 1 Electrum | 1 Electrum | 2018-02-15 | 7.2 HIGH | 7.8 HIGH |
| The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022. | |||||
| CVE-2018-6388 | 1 Iball | 2 Ib-wra150n, Ib-wra150n Firmware | 2018-02-15 | 9.0 HIGH | 8.8 HIGH |
| iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page. | |||||
| CVE-2017-1000502 | 1 Jenkins | 1 Ec2 | 2018-02-12 | 9.0 HIGH | 8.8 HIGH |
| Users with permission to create or configure agents in Jenkins 1.37 and earlier could configure an EC2 agent to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of these agents now requires the 'Run Scripts' permission typically only granted to administrators. | |||||
| CVE-2016-10709 | 1 Pfsense | 1 Pfsense | 2018-02-09 | 9.0 HIGH | 8.8 HIGH |
| pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. | |||||
| CVE-2018-5371 | 1 D-link | 4 Dsl-2540u, Dsl-2540u Firmware, Dsl-2640u and 1 more | 2018-02-02 | 9.0 HIGH | 8.8 HIGH |
| diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request. | |||||
| CVE-2017-1000473 | 1 Linux-dash Project | 1 Linux-dash | 2018-01-19 | 7.2 HIGH | 7.8 HIGH |
| Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server, potentially as root. | |||||