Total
3666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3371 | 1 Cisco | 1 Integrated Management Controller | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary code and execute arbitrary commands at the underlying operating system level. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary commands at the underlying operating system level. | |||||
| CVE-2021-1316 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2021-26681 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-3190 | 1 Async-git Project | 1 Async-git | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. | |||||
| CVE-2020-29552 | 1 Urve | 1 Urve | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root. | |||||
| CVE-2020-26284 | 1 Gohugo | 1 Hugo | 2024-02-28 | 8.5 HIGH | 8.5 HIGH |
| Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, if a malicious file with the same name (`exe` or `bat`) is found in the current working directory at the time of running `hugo`, the malicious command will be invoked instead of the system one. Windows users who run `hugo` inside untrusted Hugo sites are affected. Users should upgrade to Hugo v0.79.1. Other than avoiding untrusted Hugo sites, there is no workaround. | |||||
| CVE-2021-26704 | 1 Eprints | 1 Eprints | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI. | |||||
| CVE-2021-21016 | 1 Magento | 1 Magento | 2024-02-28 | 9.0 HIGH | 9.1 CRITICAL |
| Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the WebAPI. Successful exploitation could lead to remote code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. | |||||
| CVE-2020-7781 | 1 Connection-tester Project | 1 Connection-tester | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability: | |||||
| CVE-2021-1441 | 1 Cisco | 3 Esr6300, Ios Xe, Ir1101 | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of parameters passed to a diagnostic script that is executed when the device boots up. An attacker could exploit this vulnerability by tampering with an executable file stored on a device. A successful exploit could allow the attacker to execute unsigned code at boot time and bypass the software image verification check part of the secure boot process of an affected device. To exploit this vulnerability, the attacker would need administrative level credentials (level 15) on the device. | |||||
| CVE-2020-15272 | 1 Git-tag-annotation-action Project | 1 Git-tag-annotation-action | 2024-02-28 | 6.5 MEDIUM | 9.6 CRITICAL |
| In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been patched in version 1.0.1. If you don't use the `tag` input you are most likely safe. The `GITHUB_REF` environment variable is protected by the GitHub Actions environment so attacks from there should be impossible. If you must use the `tag` input and cannot upgrade to `> 1.0.0` make sure that the value is not controlled by another Action. | |||||
| CVE-2020-35714 | 1 Linksys | 2 Re6500, Re6500 Firmware | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program. | |||||
| CVE-2020-1946 | 3 Apache, Debian, Fedoraproject | 3 Spamassassin, Debian Linux, Fedora | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. | |||||
| CVE-2020-10208 | 1 Amino | 12 Ak45x, Ak45x Firmware, Ak5xx and 9 more | 2024-02-28 | 9.0 HIGH | 9.9 CRITICAL |
| Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges. | |||||
| CVE-2021-26680 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2020-28188 | 1 Terra-master | 1 Tos | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter. | |||||
| CVE-2020-12124 | 1 Wavlink | 2 Wn530h4, Wn530h4 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication. | |||||
| CVE-2020-5685 | 1 Nec | 4 Univerge Sv8500, Univerge Sv8500 Firmware, Univerge Sv9500 and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL. | |||||
| CVE-2020-27159 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114 | |||||
| CVE-2020-27861 | 1 Netgear | 71 Cbk40, Cbk40 Firmware, Cbk43 and 68 more | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076. | |||||