Total
3673 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5167 | 1 Wago | 2 Pfc200 Firmware, Pfc 200 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/edit_dns_server %s dns-server-nr=%d dns-server-name=<contents of dns node> using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many dns entries will be parsed from the xml file. | |||||
| CVE-2018-14572 | 1 Pyconuk | 1 Conference-scheduler-cli | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. | |||||
| CVE-2018-10699 | 1 Moxa | 2 Awk-3121, Awk-3121 Firmware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "iw_privatePass" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack. | |||||
| CVE-2018-5265 | 1 Ui | 2 Edgeos, Erlite-3 | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters. | |||||
| CVE-2019-12103 | 1 Tp-link | 2 M7350, M7350 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. | |||||
| CVE-2019-3725 | 1 Rsa | 2 Netwitness, Security Analytics | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to a Command Injection vulnerability due to missing input validation in the product. A remote unauthenticated malicious user could exploit this vulnerability to execute arbitrary commands on the server. | |||||
| CVE-2019-6487 | 1 Tp-link | 10 Tl-wdr3500, Tl-wdr3500 Firmware, Tl-wdr3600 and 7 more | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field. | |||||
| CVE-2018-9086 | 1 Lenovo | 8 Thinkserver Rd340, Thinkserver Rd340 Firmware, Thinkserver Rd440 and 5 more | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users. | |||||
| CVE-2018-20122 | 1 Fastweb | 2 Fastgate, Fastgate Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is required in order to trigger the vulnerability. | |||||
| CVE-2019-11410 | 1 Fusionpbx | 1 Fusionpbx | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host. | |||||
| CVE-2019-1010179 | 1 Phkp Project | 1 Phkp | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: function pgp_exec() phkp.php:98. The attack vector is: HKP-Api: /pks/lookup?search. | |||||
| CVE-2018-19977 | 1 Auerswald | 2 Comfortel 1200 Ip, Comfortel 1200 Ip Firmware | 2020-08-24 | 7.7 HIGH | 8.0 HIGH |
| A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) -- in the same network as the device -- to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server. | |||||
| CVE-2019-15348 | 1 Tecno-mobile | 1 Tecno\/h612\/tecno-id5a\ | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands via shell script to be executed as the system user that are triggered by writing an attacker-selected message to the logcat log. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtains the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtains the user's text messages, and more. | |||||
| CVE-2019-20488 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injection, allowing remote attackers to execute arbitrary commands, as demonstrated by shell metacharacters in the sysDNSHost parameter. | |||||
| CVE-2019-13025 | 1 Compal | 2 Ch7465lg, Ch7465lg Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. | |||||
| CVE-2019-15746 | 1 Sitos | 1 Sitos Six | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. As a result, an attacker can compromise the running server and execute system commands in the context of the web user. | |||||
| CVE-2019-12839 | 1 Orangehrm | 1 Orangehrm | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution. | |||||
| CVE-2019-12324 | 1 Akuvox | 2 Sp-r50p, Sp-r50p Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| A command injection (missing input validation) issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request. | |||||
| CVE-2019-9194 | 1 Std42 | 1 Elfinder | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. | |||||
| CVE-2018-16593 | 1 Sony | 105 Kd-43xe7000, Kd-43xe7002, Kd-43xe7003 and 102 more | 2020-08-24 | 8.3 HIGH | 8.8 HIGH |
| The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection. | |||||