Search
Total
1052 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3739 | 1 Google | 2 Chrome, Chrome Os | 2023-08-15 | N/A | 6.3 MEDIUM |
| Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. (Chromium security severity: Low) | |||||
| CVE-2023-39001 | 1 Opnsense | 1 Opnsense | 2023-08-15 | N/A | 9.8 CRITICAL |
| A command injection vulnerability in the component diag_backup.php of OPNsense before 23.7 allows attackers to execute arbitrary commands via a crafted backup configuration file. | |||||
| CVE-2023-38942 | 1 Dango | 1 Dango-translator | 2023-08-14 | N/A | 9.8 CRITICAL |
| Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json. | |||||
| CVE-2023-38941 | 1 Ehco1996 | 1 Django-sspanel | 2023-08-14 | N/A | 9.8 CRITICAL |
| django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post. | |||||
| CVE-2023-39008 | 1 Opnsense | 1 Opnsense | 2023-08-14 | N/A | 9.8 CRITICAL |
| A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense before 23.7 allows attackers to execute arbitrary system commands. | |||||
| CVE-2023-26310 | 1 Oppo | 2 Coloros, Find X3 | 2023-08-14 | N/A | 9.8 CRITICAL |
| There is a command injection problem in the old version of the mobile phone backup app. | |||||
| CVE-2023-38690 | 1 Matrix | 1 Matrix Irc Bridge | 2023-08-11 | N/A | 9.8 CRITICAL |
| matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist. | |||||
| CVE-2023-39523 | 1 Nexb | 1 Scancode.io | 2023-08-11 | N/A | 8.8 HIGH |
| ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process as it allows to append malicious commands in the `docker_reference` parameter. In the function `scanpipe/pipes/fetch.py:fetch_docker_image` the parameter `docker_reference` is user controllable. The `docker_reference` variable is then passed to the vulnerable function `get_docker_image_platform`. However, the `get_docker_image_plaform` function constructs a shell command with the passed `docker_reference`. The `pipes.run_command` then executes the shell command without any prior sanitization, making the function vulnerable to command injections. A malicious user who is able to create or add inputs to a project can inject commands. Although the command injections are blind and the user will not receive direct feedback without logs, it is still possible to cause damage to the server/container. The vulnerability appears for example if a malicious user adds a semicolon after the input of `docker://;`, it would allow appending malicious commands. Version 32.5.1 contains a patch for this issue. The `docker_reference` input should be sanitized to avoid command injections and, as a workaround, one may avoid creating commands with user controlled input directly. | |||||
| CVE-2023-1389 | 1 Tp-link | 2 Archer Ax21, Archer Ax21 Firmware | 2023-08-11 | N/A | 8.8 HIGH |
| TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request. | |||||
| CVE-2023-38928 | 1 Netgear | 2 R7100lg, R7100lg Firmware | 2023-08-09 | N/A | 9.8 CRITICAL |
| Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | |||||
| CVE-2023-38921 | 1 Netgear | 4 Wag302v2, Wag302v2 Firmware, Wg302v2 and 1 more | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters. | |||||
| CVE-2023-4120 | 1 Byzoro | 1 Smart S85f | 2023-08-08 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235967. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-3718 | 1 Hpe | 27 Aruba Cx 10000-48y6, Aruba Cx 4100i, Aruba Cx 6000 12g and 24 more | 2023-08-08 | N/A | 8.8 HIGH |
| An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker to fully compromise the underlying operating system on the device running AOS-CX. | |||||
| CVE-2022-27002 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27000 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27082 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo. | |||||
| CVE-2022-26536 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setFixTools. | |||||
| CVE-2022-27001 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2021-31575 | 1 Mediatek | 4 En7528, En7528 Firmware, En7580 and 1 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234. | |||||
| CVE-2022-26999 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2021-31573 | 1 Mediatek | 4 En7528, En7528 Firmware, En7580 and 1 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234. | |||||
| CVE-2022-27081 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo. | |||||
| CVE-2022-26997 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27080 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode. | |||||
| CVE-2021-31574 | 1 Mediatek | 4 En7528, En7528 Firmware, En7580 and 1 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234. | |||||
| CVE-2022-27079 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem. | |||||
| CVE-2022-27078 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail. | |||||
| CVE-2022-27077 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic. | |||||
| CVE-2022-26995 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-4009 | 1 Octopus | 1 Octopus Server | 2023-08-08 | N/A | 8.8 HIGH |
| In affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creation | |||||
| CVE-2022-27083 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic. | |||||
| CVE-2022-26151 | 1 Citrix | 1 Xenmobile Server | 2023-08-08 | 9.0 HIGH | 7.2 HIGH |
| Citrix XenMobile Server 10.12 through RP11, 10.13 through RP7, and 10.14 through RP4 allows Command Injection. | |||||
| CVE-2022-26996 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-30321 | 1 Hashicorp | 1 Go-getter | 2023-08-08 | 7.5 HIGH | 8.6 HIGH |
| go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0. | |||||
| CVE-2022-26998 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27076 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd. | |||||
| CVE-2023-37679 | 1 Nextgen | 1 Mirth Connect | 2023-08-07 | N/A | 9.8 CRITICAL |
| A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server. | |||||
| CVE-2023-26317 | 1 Mi | 1 Xiaomi Router Firmware | 2023-08-07 | N/A | 9.8 CRITICAL |
| A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking the ISP or an upper-layer router to gain privileges on the Xiaomi router. Successful exploitation of this flaw could permit remote code execution and complete compromise of the device. | |||||
| CVE-2023-31429 | 1 Broadcom | 1 Fabric Operating System | 2023-08-04 | N/A | 5.5 MEDIUM |
| Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | |||||
| CVE-2023-37214 | 1 Heights-t | 2 Ero1xs-pro, Ero1xs-pro Firmware | 2023-08-04 | N/A | 9.8 CRITICAL |
| Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025. | |||||
| CVE-2022-39987 | 1 Raspap | 1 Raspap | 2023-08-04 | N/A | 8.8 HIGH |
| A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php. | |||||
| CVE-2023-28130 | 1 Checkpoint | 1 Gaia Portal | 2023-08-02 | N/A | 7.2 HIGH |
| Local user may lead to privilege escalation using Gaia Portal hostnames page. | |||||
| CVE-2022-28171 | 1 Hikvision | 22 Ds-a71024, Ds-a71024 Firmware, Ds-a71048 and 19 more | 2023-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device. | |||||
| CVE-2022-32449 | 1 Totolink | 2 Ex300 V2, Ex300 V2 Firmware | 2023-08-02 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet. | |||||
| CVE-2022-34592 | 1 Wavlink | 2 Wl-wn575a3, Wl-wn575a3 Firmware | 2023-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability via the function obtw. This vulnerability allows attackers to execute arbitrary commands via a crafted POST request. | |||||
| CVE-2022-46640 | 1 Nanoleaf | 1 Nanoleaf Desktop | 2023-08-01 | N/A | 9.8 CRITICAL |
| Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request. | |||||
| CVE-2016-10108 | 1 Western Digital | 1 Mycloud Nas | 2023-07-28 | 10.0 HIGH | 9.8 CRITICAL |
| Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. | |||||
| CVE-2023-38286 | 2 Codecentric, Thymeleaf | 2 Spring Boot Admin, Thymeleaf | 2023-07-27 | N/A | 7.5 HIGH |
| Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI. | |||||
| CVE-2023-38336 | 1 Netkit | 1 Netkit | 2023-07-27 | N/A | 9.8 CRITICAL |
| netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. | |||||
| CVE-2023-37794 | 1 Wayos | 2 Fbm-291w, Fbm-291w Firmware | 2023-07-26 | N/A | 9.8 CRITICAL |
| WAYOS FBM-291W 19.09.11V was discovered to contain a command injection vulnerability via the component /upgrade_filter.asp. | |||||