VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

ClassDraftLikelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 14 of 78
  • CVE-2018-1212HigJul 2, 2018
    risk 0.58cvss 8.8epss 0.04

    The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this…

  • CVE-2016-5397HigFeb 12, 2018
    risk 0.58cvss 8.8epss 0.07

    The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.

  • CVE-2017-14593HigJan 26, 2018
    risk 0.58cvss 8.8epss 0.06

    Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From…

  • CVE-2017-14592HigJan 26, 2018
    risk 0.58cvss 8.8epss 0.06

    Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version…

  • CVE-2017-12277HigNov 2, 2017
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges.…

  • CVE-2016-4929HigMar 20, 2017
    risk 0.58cvss 8.8epss 0.04

    Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user.

  • CVE-2016-6270HigJan 30, 2017
    risk 0.58cvss 8.8epss 0.06

    The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to…

  • CVE-2015-7541CriJan 8, 2016
    risk 0.58cvss 10.0epss 0.04

    The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable.

  • CVE-2024-24909HigJun 16, 2026
    risk 0.57cvss 8.8epss 0.00

    Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run…

  • CVE-2026-12187HigJun 14, 2026
    risk 0.57cvss 8.8epss 0.02

    A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The…

  • CVE-2026-12186HigJun 14, 2026
    risk 0.57cvss 8.8epss 0.02

    A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated…

  • CVE-2026-11556HigJun 8, 2026
    risk 0.57cvss 8.8epss 0.02

    A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. Remote…

  • CVE-2026-45663CriMay 29, 2026
    risk 0.57cvss 9.9epss 0.01

    Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uploads a file to a container, the destinationPath parameter is not properly…

  • CVE-2026-46368HigMay 26, 2026
    risk 0.57cvss 8.8epss 0.03

    luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An…

  • CVE-2025-57282HigMay 18, 2026
    risk 0.57cvss 8.8epss 0.01

    ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.

  • CVE-2026-41953HigMay 13, 2026
    risk 0.57cvss 8.7epss 0.00

    A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation.  Note: Software versions which have reached End of Technical Support…

  • CVE-2026-40698HigMay 13, 2026
    risk 0.57cvss 8.7epss 0.00

    A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in privilege escalation.  Note:…

  • CVE-2026-40061HigMay 13, 2026
    risk 0.57cvss 8.7epss 0.00

    When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges.…

  • CVE-2026-36734HigMay 11, 2026
    risk 0.57cvss 8.8epss 0.01

    EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authenticated attacker with access to the network can submit crafted input to the WLAN configuration functionality. Due to insufficient input validation, the attacker is able to execute arbitrary system commands on…

  • CVE-2026-42258CriMay 9, 2026
    risk 0.57cvss 9.8epss 0.01

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This…