Total
3666 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-1514 | 1 Cisco | 23 Catalyst Sd-wan Manager, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 20 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as a low-privileged user to execute the affected commands. A successful exploit could allow the attacker to execute commands with Administrator privileges. | |||||
CVE-2021-32534 | 1 Qsan | 1 Sanos | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0. | |||||
CVE-2021-23374 | 1 Ps-visitor Project | 1 Ps-visitor | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | |||||
CVE-2021-23375 | 1 Psnode Project | 1 Psnode | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | |||||
CVE-2021-37344 | 1 Nagios | 1 Nagios Xi Switch Wizard | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection). | |||||
CVE-2021-34615 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
CVE-2021-22123 | 1 Fortinet | 1 Fortiweb | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. | |||||
CVE-2021-32530 | 1 Qsan | 1 Xevo | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0. | |||||
CVE-2020-25755 | 1 Enphase | 2 Envoy, Envoy Firmware | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The upgrade_start function in /installer/upgrade_start allows remote authenticated users to execute arbitrary commands via the force parameter. | |||||
CVE-2021-33357 | 1 Raspap | 1 Raspap | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands. | |||||
CVE-2021-24015 | 1 Fortinet | 1 Fortimail | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted HTTP requests. | |||||
CVE-2021-39279 | 1 Moxa | 24 Oncell G3470a-lte-eu, Oncell G3470a-lte-eu-t, Oncell G3470a-lte-eu-t Firmware and 21 more | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3. | |||||
CVE-2021-28634 | 1 Adobe | 2 Acrobat Dc, Acrobat Reader Dc | 2024-02-28 | 8.5 HIGH | 8.2 HIGH |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2020-21992 | 1 Inim | 12 Smartliving 10100l, Smartliving 10100l Firmware, Smartliving 10100lg3 and 9 more | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Inim Electronics SmartLiving SmartLAN/G/SI <=6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary (ELF 32-bit LSB executable, ARM) is calling the 'sh' executable via the system() function to issue a command using the mailx service and its vulnerable string format parameter allowing for OS command injection with root privileges. An attacker can remotely execute system commands as the root user using default credentials and bypass access controls in place. | |||||
CVE-2021-27708 | 1 Totolink | 4 A720r, A720r Firmware, X5000r and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "command" parameter is directly passed to the attacker, allowing them to control the "command" field to attack the OS. | |||||
CVE-2021-1476 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying OS with root privileges. To exploit this vulnerability, an attacker must have valid administrator-level credentials. | |||||
CVE-2020-26670 | 1 Bigtreecms | 1 Bigtree Cms | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Create a New Setting' function. | |||||
CVE-2021-23422 | 1 Bikeshed Project | 1 Bikeshed | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output. | |||||
CVE-2021-30231 | 1 Chinamobile | 2 An Lianbao Wf-1, An Lianbao Wf-1 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter. | |||||
CVE-2021-33191 | 1 Apache | 1 Nifi Minifi C\+\+ | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command is then executed using the same privileges as the application binary. This was addressed in version 0.10.0 |