Total
3666 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-10795 | 1 Gira | 2 Tks-ip-gateway, Tks-ip-gateway Firmware | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access. | |||||
CVE-2019-12112 | 1 Onap | 1 Open Network Automation Platform | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected. | |||||
CVE-2019-14894 | 1 Redhat | 1 Cloudforms Management Engine | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root. | |||||
CVE-2020-15609 | 1 Centos-webpanel | 1 Centos Web Panel | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_stop parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9726. | |||||
CVE-2020-7602 | 1 Node-prompt-here Project | 1 Node-prompt-here | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand()" is called by "getDevices()" function in file "linux/manager.js", which is required by the "index. process.env.NM_CLI" in the file "linux/manager.js". This function is used to construct the argument of function "execSync()", which can be controlled by users without any sanitization. | |||||
CVE-2019-16213 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. | |||||
CVE-2020-4066 | 1 Limdu Project | 1 Limdu | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95. | |||||
CVE-2018-21110 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-02-28 | 5.2 MEDIUM | 6.8 MEDIUM |
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | |||||
CVE-2018-21105 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-02-28 | 5.2 MEDIUM | 6.8 MEDIUM |
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. | |||||
CVE-2020-10879 | 1 Rconfig | 1 Rconfig | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped. | |||||
CVE-2020-3207 | 1 Cisco | 56 Catalyst 3650-12x48uq, Catalyst 3650-12x48ur, Catalyst 3650-12x48uz and 53 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot. This vulnerability is due to insufficient input validation checks while processing boot options. An attacker could exploit this vulnerability by modifying device boot options to execute attacker-provided code. A successful exploit may allow an attacker to bypass the Secure Boot process and execute malicious code on an affected device with root-level privileges. | |||||
CVE-2020-11581 | 4 Apple, Linux, Oracle and 1 more | 5 Macos, Linux Kernel, Solaris and 2 more | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used. | |||||
CVE-2020-7634 | 1 Heroku-addonpool Project | 1 Heroku-addonpool | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
heroku-addonpool through 0.1.15 is vulnerable to Command Injection. | |||||
CVE-2020-17352 | 1 Sophos | 1 Xg Firewall Firmware | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code. | |||||
CVE-2020-7603 | 1 Closure-compiler-stream Project | 1 Closure-compiler-stream | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization. | |||||
CVE-2020-15420 | 1 Control-webpanel | 1 Webpanel | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-el7-0.9.8.891. Authentication is not required to exploit this vulnerability. The specific flaw exists within loader_ajax.php. When parsing the line parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9259. | |||||
CVE-2020-10808 | 1 Vestacp | 1 Vesta Control Panel | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters. | |||||
CVE-2020-7825 | 1 Tobesoft | 1 Miplatform | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform. | |||||
CVE-2020-11733 | 1 Spirent | 3 Avalanche, C100-mp, Testcenter | 2024-02-28 | 9.0 HIGH | 6.7 MEDIUM |
An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials. | |||||
CVE-2019-19487 | 1 Centreon | 1 Centreon | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to achieve command injection via a plugin test. |