CWE-78— OS Command Injection
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.— MITRE CWE catalog
5,847 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-78page 60 of 117
- CVE-2023-25925HIGHCVSS 8.5EG 8.52024-02-28
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.
- CVE-2023-26039HIGHCVSS 7.1EG 7.12023-02-25
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl() in (/web/api/ap…
- CVE-2023-26127HIGHCVSS 7.8EG 7.82023-05-27
All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs…
- CVE-2023-26128HIGHCVSS 8.4EG 8.42023-05-27
All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. **Note:** To execute the code snippet and po…
- CVE-2023-26129HIGHCVSS 8.4EG 7.82023-05-27
All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:** To execute the code snippet and potentially exploit the vulnerability, th…
- CVE-2023-26134CRITICALCVSS 9.8EG 9.82023-06-28
Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution AP…
- CVE-2023-26145HIGHCVSS 7.4EG 7.42023-09-28
This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to …
- CVE-2023-26153HIGHCVSS 8.3EG 8.32023-10-06
Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** A…
- CVE-2023-26155HIGHCVSS 7.3EG 7.32023-10-14
All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attacke…
- CVE-2023-26156MEDIUMCVSS 5.6EG 5.62023-11-09
Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to unauthorized access and potentially malicious actions on the host …
- CVE-2023-26210HIGHCVSS 7.8EG 7.82023-06-13
Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as `root` user via…
- CVE-2023-26213HIGHCVSS 7.2EG 7.22023-03-03
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute…
- CVE-2023-2625CRITICALCVSS 9.0EG 9.02023-06-28
A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell …
- CVE-2023-26315MEDIUMCVSS 6.5EG 6.52024-08-26
The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device.
- CVE-2023-26317HIGHCVSS 7.0EG 9.82023-08-02
Xiaomi routers have an external interface that can lead to command injection. The vulnerability is caused by lax filtering of responses from external interfaces. Attackers can exploit this vulnerability to gain access to the router by hija…
- CVE-2023-26319MEDIUMCVSS 6.7EG 6.72023-10-11
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
- CVE-2023-26482CRITICALCVSS 9.0EG 9.02023-03-30
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be R…
- CVE-2023-26490HIGHCVSS 7.3EG 7.32023-03-04
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command i…
- CVE-2023-26613CRITICALCVSS 9.8EG 9.82023-06-29
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.
- CVE-2023-26759HIGHCVSS 8.8EG 8.82023-02-27
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component.
- CVE-2023-26921CRITICALCVSS 9.8EG 9.82023-04-04
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd.
- CVE-2023-27076CRITICALCVSS 9.8EG 9.82023-04-10
Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.
- CVE-2023-27198MEDIUMCVSS 6.8EG 6.82023-07-05
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to …
- CVE-2023-27216HIGHCVSS 8.8EG 8.82023-04-12
An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page.
- CVE-2023-27356HIGHCVSS 8.0EG 6.82024-05-03
NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is requ…
- CVE-2023-27367HIGHCVSS 8.0EG 8.02024-05-03
NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is r…
- CVE-2023-27380HIGHCVSS 7.2EG 7.22023-10-11
An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP req…
- CVE-2023-27394CRITICALCVSS 9.8EG 9.82023-03-28
Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsVie…
- CVE-2023-27407CRITICALCVSS 9.9EG 9.92023-05-09
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated…
- CVE-2023-27514HIGHCVSS 8.8EG 8.82023-05-23
OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command.
- CVE-2023-27521HIGHCVSS 8.8EG 8.82023-05-23
OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command.
- CVE-2023-27826HIGHCVSS 8.8EG 8.82023-04-12
SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function.
- CVE-2023-27886CRITICALCVSS 9.8EG 9.82023-03-28
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter called by index.php script.
- CVE-2023-27917HIGHCVSS 8.8EG 8.82023-04-11
OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions …
- CVE-2023-27985HIGHCVSS 7.8EG 9.82023-03-09
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
- CVE-2023-27988HIGHCVSS 7.2EG 7.22023-05-30
The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on a…
- CVE-2023-27991HIGHCVSS 8.8EG 8.82023-04-24
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, US…
- CVE-2023-27992CRITICALCVSS 9.8EG 9.8⚠ KEV2023-06-19
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware versions prior to V5.21(ABAG.11)C0 could all…
- CVE-2023-27999HIGHCVSS 7.8EG 7.82023-05-03
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to …
- CVE-2023-28000MEDIUMCVSS 6.7EG 6.72023-06-13
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker t…
- CVE-2023-28102HIGHCVSS 8.3EG 8.32023-03-27
discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vuln…
- CVE-2023-28343CRITICALCVSS 9.8EG 9.82023-03-14
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
- CVE-2023-28381HIGHCVSS 7.2EG 7.22023-10-11
An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HT…
- CVE-2023-28384HIGHCVSS 8.8EG 8.82023-04-27
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
- CVE-2023-28392HIGHCVSS 7.2EG 7.22023-05-23
Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM…
- CVE-2023-28394HIGHCVSS 8.8EG 8.82023-05-23
Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. As a result, an arbitrary OS comm…
- CVE-2023-28400HIGHCVSS 8.8EG 8.82023-04-27
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
- CVE-2023-28528HIGHCVSS 8.4EG 8.42023-04-28
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207.
- CVE-2023-28614CRITICALCVSS 9.8EG 9.82023-09-15
Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters to a report page.
- CVE-2023-28617HIGHCVSS 7.8EG 9.82023-03-19
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
Map vulnerabilities like CWE-78 to your infrastructure
EchelonGraph correlates every CVE — across CWE-78 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →