Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-78
Total 2452 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14889 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2023-02-01 9.3 HIGH 8.8 HIGH
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
CVE-2022-29843 1 Westerndigital 16 My Cloud Dl2100, My Cloud Dl2100 Firmware, My Cloud Dl4100 and 13 more 2023-02-01 N/A 9.8 CRITICAL
A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user.
CVE-2020-7980 1 Intelliantech 1 Aptus Web 2023-02-01 10.0 HIGH 9.8 CRITICAL
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
CVE-2019-7384 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2023-01-31 7.2 HIGH 7.8 HIGH
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device.
CVE-2019-7385 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2023-01-31 7.2 HIGH 7.8 HIGH
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device.
CVE-2019-19509 1 Rconfig 1 Rconfig 2023-01-31 9.0 HIGH 8.8 HIGH
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
CVE-2019-4202 1 Ibm 1 Api Connect 2023-01-30 10.0 HIGH 10.0 CRITICAL
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted request can run arbitrary code on the server and gain complete access to the system. IBM X-Force ID: 159123.
CVE-2023-23596 1 Jc21 1 Nginx Proxy Manager 2023-01-30 N/A 8.8 HIGH
jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5.
CVE-2019-11829 1 Synology 1 Calendar 2023-01-30 7.5 HIGH 9.8 CRITICAL
OS command injection vulnerability in drivers_syno_import_user.php in Synology Calendar before 2.3.1-0617 allows remote attackers to execute arbitrary commands via the crafted 'X-Real-IP' header.
CVE-2019-12181 1 Solarwinds 2 Serv-u Ftp Server, Serv-u Mft Server 2023-01-30 6.5 MEDIUM 8.8 HIGH
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
CVE-2018-3746 1 Pdfinfojs Project 1 Pdfinfojs 2023-01-30 10.0 HIGH 9.8 CRITICAL
The pdfinfojs NPM module versions <= 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine.
CVE-2022-44149 1 Nexxtsolutions 2 Amp300, Amp300 Firmware 2023-01-30 N/A 8.8 HIGH
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required
CVE-2023-20007 1 Cisco 8 Rv340, Rv340 Firmware, Rv340w and 5 more 2023-01-30 N/A 7.2 HIGH
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition.
CVE-2023-0164 1 Orangescrum 1 Orangescrum 2023-01-27 N/A 8.8 HIGH
OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands on the server. This is possible because the application injects an attacker-controlled parameter into a system function.
CVE-2020-14947 1 Factorfx 1 Open Computer Software Inventory Next Generation 2023-01-27 6.5 MEDIUM 8.8 HIGH
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
CVE-2020-13151 1 Aerospike 1 Aerospike Server 2023-01-27 10.0 HIGH 9.8 CRITICAL
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.
CVE-2019-11539 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2023-01-27 6.5 MEDIUM 7.2 HIGH
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands.
CVE-2022-40847 1 Tenda 2 Ac1200 V-w15ev2, W15e Firmware 2023-01-27 N/A 7.8 HIGH
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.
CVE-2022-42053 1 Tenda 2 Ac1200 V-w15ev2, W15e Firmware 2023-01-27 N/A 7.8 HIGH
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function.
CVE-2022-20964 1 Cisco 1 Identity Services Engine 2023-01-26 N/A 8.8 HIGH
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the web-based management interface. An attacker could exploit this vulnerability by manipulating requests to the web-based management interface to contain operating system commands. A successful exploit could allow the attacker to execute arbitrary operating system commands on the underlying operating system with the privileges of the web services user. Cisco has not yet released software updates that address this vulnerability.