VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 11 of 78
  • CVE-2017-4918 · Critical · Jun 8, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.05

    VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client…

  • CVE-2017-7689 · Critical · Apr 11, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.06

    A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.

  • CVE-2016-5065 · Critical · Apr 10, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.

  • CVE-2016-10312 · Critical · Apr 3, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages.

  • CVE-2014-5008 · Critical · Mar 31, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.04

    Snoopy allows remote attackers to execute arbitrary commands.

  • CVE-2008-7313 · Critical · Mar 31, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.05

    The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists due to an incomplete fix for CVE-2008-4796.

  • CVE-2016-10194 · Critical · Mar 3, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.

  • CVE-2016-10098 · Critical · Feb 5, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.

  • CVE-2016-10182 · Critical · Jan 30, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.09

    An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters.

  • CVE-2016-7399 · Critical · Jan 4, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.05

    scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense.

  • CVE-2016-1000156 · Critical · Dec 14, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    Mailcwp remote file upload vulnerability incomplete fix v1.100

  • CVE-2016-9835 · Critical · Dec 5, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.04

    Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before 1.4.4 on Windows allows a remote attacker to launch a PHP object injection by uploading a serialized file.

  • CVE-2016-1388 · Critical · Jun 3, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP…

  • CVE-2015-0857 · Critical · May 6, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.05

    Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.

  • CVE-2016-2002 · Critical · Apr 20, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.

  • CVE-2016-2397 · Critical · Feb 17, 2016
    risk 0.64 · CVSS 9.8 · EPSS 0.06

    The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.

  • CVE-2017-11392 · High · Aug 3, 2017
    risk 0.63 · CVSS 8.8 · EPSS 0.34

    Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly…

  • CVE-2016-3081 · High · Apr 26, 2016
    risk 0.63 · CVSS 8.1 · EPSS 0.94

    Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.

  • CVE-2026-8037 · Critical · Jun 4, 2026
    risk 0.62 · CVSS 9.6 · EPSS 0.02

    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an unauthenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints.

  • CVE-2026-35428 · Critical · May 7, 2026
    risk 0.62 · CVSS 9.6 · EPSS 0.01

    Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.