Search
Total
2443 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20731 | 1 Buffalo | 4 Wsr-1166dhp3, Wsr-1166dhp3 Firmware, Wsr-1166dhp4 and 1 more | 2021-06-16 | 8.3 HIGH | 8.8 HIGH |
| WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors. | |||||
| CVE-2021-1538 | 1 Cisco | 1 Common Services Platform Collector | 2021-06-14 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. This vulnerability is due to insufficient sanitization of configuration entries. An attacker could exploit this vulnerability by logging in as a super admin and entering crafted input to configuration options on the CSPC configuration dashboard. A successful exploit could allow the attacker to execute remote code as root. | |||||
| CVE-2021-28812 | 1 Qnap | 4 Qts, Quts Hero, Qutscloud and 1 more | 2021-06-11 | 6.5 MEDIUM | 8.8 HIGH |
| A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5.4 on QuTS hero h4.5.2; versions prior to 5.5.4 on QuTScloud c4.5.4. This issue does not affect: QNAP Systems Inc. Video Station on QTS 4.3.6; on QTS 4.3.3. | |||||
| CVE-2021-22123 | 1 Fortinet | 1 Fortiweb | 2021-06-10 | 9.0 HIGH | 8.8 HIGH |
| An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. | |||||
| CVE-2021-20026 | 1 Sonicwall | 1 Network Security Manager | 2021-06-08 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS command injection using a crafted HTTP request. This vulnerability affects NSM On-Prem 2.2.0-R10 and earlier versions. | |||||
| CVE-2021-1498 | 1 Cisco | 8 Hyperflex Hx220c Af M5, Hyperflex Hx220c All Nvme M5, Hyperflex Hx220c Edge M5 and 5 more | 2021-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1497 | 1 Cisco | 8 Hyperflex Hx220c Af M5, Hyperflex Hx220c All Nvme M5, Hyperflex Hx220c Edge M5 and 5 more | 2021-06-07 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-35314 | 1 Wondercms | 1 Wondercms | 2021-06-01 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer. | |||||
| CVE-2020-36243 | 1 Open-emr | 1 Openemr | 2021-06-01 | 9.0 HIGH | 8.8 HIGH |
| The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters. | |||||
| CVE-2021-33525 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2021-05-27 | 9.0 HIGH | 8.8 HIGH |
| EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via shell metacharacters in the nagios_path parameter to lilac/export.php, as demonstrated by %26%26+curl to insert an "&& curl" substring for the shell. | |||||
| CVE-2021-1487 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2021-05-27 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system (OS) with the permissions of a special non-root user. In this way, an attacker could take control of the affected system, which would allow them to obtain and alter sensitive data. The attacker could also affect the devices that are managed by the affected system by pushing arbitrary configuration files, retrieving device credentials and confidential information, and ultimately undermining the stability of the devices, causing a denial of service (DoS) condition. | |||||
| CVE-2021-1557 | 1 Cisco | 1 Dna Spaces\ | 2021-05-27 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. These vulnerabilities are due to insufficient restrictions during the execution of affected CLI commands. An attacker could exploit these vulnerabilities by leveraging the insufficient restrictions during execution of these commands. A successful exploit could allow the attacker to elevate privileges from dnasadmin and execute arbitrary commands on the underlying operating system as root. | |||||
| CVE-2021-1558 | 1 Cisco | 1 Dna Spaces\ | 2021-05-27 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. These vulnerabilities are due to insufficient restrictions during the execution of affected CLI commands. An attacker could exploit these vulnerabilities by leveraging the insufficient restrictions during execution of these commands. A successful exploit could allow the attacker to elevate privileges from dnasadmin and execute arbitrary commands on the underlying operating system as root. | |||||
| CVE-2021-1559 | 1 Cisco | 1 Dna Spaces\ | 2021-05-27 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, remote attacker to perform a command injection attack on an affected device. These vulnerabilities are due to insufficient input sanitization when executing affected commands. A high-privileged attacker could exploit these vulnerabilities on a Cisco DNA Spaces Connector by injecting crafted input during command execution. A successful exploit could allow the attacker to execute arbitrary commands as root within the Connector docker container. | |||||
| CVE-2018-1185 | 1 Dell | 2 Emc Recoverpoint, Emc Recoverpoint For Virtual Machines | 2021-05-26 | 7.2 HIGH | 6.7 MEDIUM |
| An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges. | |||||
| CVE-2021-30187 | 1 Codesys | 1 Runtime Toolkit | 2021-05-26 | 4.6 MEDIUM | 5.3 MEDIUM |
| CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command. | |||||
| CVE-2021-20719 | 1 Nippon-antenna | 2 Rfntps, Rfntps Firmware | 2021-05-25 | 7.7 HIGH | 6.8 MEDIUM |
| RFNTPS firmware versions System_01000004 and earlier, and Web_01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors. | |||||
| CVE-2021-20557 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 199184. | |||||
| CVE-2018-1184 | 1 Dell | 2 Emc Recoverpoint, Emc Recoverpoint For Virtual Machines | 2021-05-24 | 7.2 HIGH | 6.7 MEDIUM |
| An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Boxmgmt CLI may allow a malicious user with boxmgmt privileges to bypass Boxmgmt CLI and run arbitrary commands with root privileges. | |||||
| CVE-2021-32605 | 1 Zzzcms | 1 Zzzphp | 2021-05-19 | 7.5 HIGH | 9.8 CRITICAL |
| zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block. | |||||
| CVE-2021-31915 | 1 Jetbrains | 1 Teamcity | 2021-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible. | |||||
| CVE-2021-1421 | 1 Cisco | 1 Enterprise Nfv Infrastructure Software | 2021-05-17 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration command. An attacker could exploit this vulnerability by including malicious input during the execution of this command. A successful exploit could allow a non-privileged attacker authenticated in the restricted CLI to execute arbitrary commands on the underlying operating system (OS) with root privileges. | |||||
| CVE-2021-21550 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2017-15049 | 1 Zoom | 1 Zoom | 2021-05-14 | 9.3 HIGH | 8.8 HIGH |
| The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler. | |||||
| CVE-2021-28151 | 1 Hongdian | 2 H8922, H8922 Firmware | 2021-05-13 | 9.0 HIGH | 8.8 HIGH |
| Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest. | |||||
| CVE-2019-12725 | 1 Zeroshell | 1 Zeroshell | 2021-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters. | |||||
| CVE-2020-21992 | 1 Inim | 12 Smartliving 10100l, Smartliving 10100l Firmware, Smartliving 10100lg3 and 9 more | 2021-05-12 | 9.0 HIGH | 8.8 HIGH |
| Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary (ELF 32-bit LSB executable, ARM) is calling the 'sh' executable via the system() function to issue a command using the mailx service and its vulnerable string format parameter allowing for OS command injection with root privileges. An attacker can remotely execute system commands as the root user using default credentials and bypass access controls in place. | |||||
| CVE-2020-21999 | 1 Iwt | 2 Facesentry Access Control System, Facesentry Access Control System Firmware | 2021-05-11 | 9.0 HIGH | 8.8 HIGH |
| iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script. | |||||
| CVE-2017-11566 | 1 Appsec-labs | 1 Appuse | 2021-05-11 | 7.2 HIGH | 7.8 HIGH |
| AppUse 4.0 allows shell command injection via a proxy field. | |||||
| CVE-2021-21530 | 1 Dell | 1 Openmanage Enterprise-modular | 2021-05-10 | 6.5 MEDIUM | 8.8 HIGH |
| Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | |||||
| CVE-2021-29147 | 1 Arubanetworks | 1 Clearpass | 2021-05-07 | 9.0 HIGH | 8.8 HIGH |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-30642 | 1 Symantec | 1 Security Analytics | 2021-05-07 | 10.0 HIGH | 9.8 CRITICAL |
| An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges. | |||||
| CVE-2020-22000 | 1 Homeautomation Project | 1 Homeautomation | 2021-05-06 | 8.5 HIGH | 8.0 HIGH |
| HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'set_command_on' and 'set_command_off' POST parameters in '/system/systemplugins/customcommand/customcommand.plugin.php' by using an unsanitized PHP exec() function. | |||||
| CVE-2021-30166 | 1 Meritlilin | 82 P2g1022, P2g1022 Firmware, P2g1022x and 79 more | 2021-05-05 | 9.0 HIGH | 7.2 HIGH |
| The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission. | |||||
| CVE-2021-21388 | 1 Systeminformation | 1 Systeminformation | 2021-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior to 5.6.4. The issue has been fixed with a parameter check on user input. Please upgrade to version >= 5.6.4. If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() and other commands. Only allow strings, reject any arrays. String sanitation works as expected. | |||||
| CVE-2021-20708 | 1 Nec | 6 Aterm Wf1200cr, Aterm Wf1200cr Firmware, Aterm Wg1200cr and 3 more | 2021-05-05 | 9.0 HIGH | 7.2 HIGH |
| NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL. | |||||
| CVE-2021-0265 | 1 Juniper | 1 Appformix | 2021-05-04 | 10.0 HIGH | 8.1 HIGH |
| An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. This issue affects: Juniper Networks AppFormix 3 versions prior to 3.1.22, 3.2.14, 3.3.0. | |||||
| CVE-2021-20696 | 1 Dlink | 2 Dap-1880ac, Dap-1880ac Firmware | 2021-05-03 | 9.0 HIGH | 8.8 HIGH |
| DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program. | |||||
| CVE-2021-20711 | 1 Nec | 2 Aterm Wg2600hs, Aterm Wg2600hs Firmware | 2021-04-30 | 10.0 HIGH | 9.8 CRITICAL |
| Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2020-7034 | 1 Avaya | 1 Session Border Controller For Enterprise | 2021-04-30 | 9.0 HIGH | 8.8 HIGH |
| A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x | |||||
| CVE-2021-21526 | 1 Dell | 1 Powerscale Onefs | 2021-04-27 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. | |||||
| CVE-2013-1599 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2021-04-27 | 10.0 HIGH | 9.8 CRITICAL |
| A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface. | |||||
| CVE-2021-27252 | 1 Netgear | 84 Br200, Br200 Firmware, Br500 and 81 more | 2021-04-27 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. | |||||
| CVE-2020-35578 | 1 Nagios | 1 Nagios Xi | 2021-04-26 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands. | |||||
| CVE-2019-14337 | 1 Dlink | 4 6600-ap, 6600-ap Firmware, Dwl-3600ap and 1 more | 2021-04-23 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence. | |||||
| CVE-2020-12774 | 1 Dlink | 2 Dsl-7740c, Dsl-7740c Firmware | 2021-04-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command. | |||||
| CVE-2019-8319 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2021-04-23 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteIPv4Settings API function, as demonstrated by shell metacharacters in the Gateway field. | |||||
| CVE-2019-8318 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2021-04-23 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetSysEmailSettings API function, as demonstrated by shell metacharacters in the SMTPServerPort field. | |||||
| CVE-2019-8317 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2021-04-23 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteIPv6Settings API function, as demonstrated by shell metacharacters in the DestNetwork field. | |||||