VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 20 of 78
  • CVE-2023-49565 · High · Sep 18, 2025
    risk 0.55 · cvss 8.4 · epss 0.01

    The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen…

  • CVE-2025-7388 · High · Sep 4, 2025
    risk 0.55 · cvss 8.4 · epss 0.01

    It was possible to perform Remote Command Execution (RCE) via Java RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and execute OS commands under the delegated authority of the AdminServer process. An RMI interface permitted manipulation of a…

  • CVE-2024-48214 · High · Oct 30, 2024
    risk 0.55 · cvss 8.4 · epss 0.01

    KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that connects to the local network via a QR code. This vulnerability allows an attacker to create a custom, unauthenticated QR code and abuse one of the parameters, either SSID or PASSWORD,…

  • CVE-2024-4578 · High · Jun 27, 2024
    risk 0.55 · cvss 8.4 · epss 0.00

    This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require…

  • CVE-2016-4922 · High · Oct 13, 2017
    risk 0.55 · cvss 8.4 · epss 0.00

    Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. This may allow any user with permissions to run these CLI commands the ability to achieve elevated privileges and…

  • CVE-2026-30461 · High · Apr 15, 2026
    risk 0.54 · cvss 8.3 · epss 0.01

    Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.

  • CVE-2025-54994 · Critical · Sep 8, 2025
    risk 0.54 · cvss n/a · epss 0.01

    @akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and…

  • CVE-2025-4653 · High · Jun 10, 2025
    risk 0.54 · cvss n/a · epss 0.02

    Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105.

  • CVE-2025-46816 · Critical · May 6, 2025
    risk 0.54 · cvss 9.4 · epss 0.01

    goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function `dispatchReadPump` does not check the CLI option `-c`, thus allowing…

  • CVE-2024-5023 · Critical · May 16, 2024
    risk 0.54 · cvss n/a · epss 0.01

    Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Netflix ConsoleMe allows Command Injection. This issue affects ConsoleMe: before 1.4.0.

  • CVE-2026-48694 · High · May 26, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK variable (received from argv[1]) is directly interpolated into Juniper NETCONF…

  • CVE-2026-34259 · High · May 12, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful exploitation could allow the…

  • CVE-2026-20761 · High · Feb 20, 2026
    risk 0.53 · cvss 8.1 · epss 0.01

    A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device.

  • CVE-2025-24293 · Critical · Jan 30, 2026
    risk 0.53 · cvss n/a · epss 0.02

    Active Storage allowed transformation methods potentially unsafe. Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods that allow for the circumvention of the…

  • CVE-2025-60595 · High · Oct 29, 2025
    risk 0.53 · cvss 8.2 · epss 0.00

    SPH Engineering UgCS 5.13.0 is vulnerable to arbitrary code execution.

  • CVE-2025-52690 · High · Jul 16, 2025
    risk 0.53 · cvss 8.1 · epss 0.09

    Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.

  • CVE-2025-43858 · Critical · Apr 24, 2025
    risk 0.53 · cvss 9.2 · epss 0.00

    YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of malicious commands when starting `yt-dlp` from a command prompt…

  • CVE-2024-27980 · High · Jan 9, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.

  • CVE-2024-36138 · High · Sep 7, 2024
    risk 0.53 · cvss 8.1 · epss 0.01

    Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even…

  • CVE-2024-5565 · High · May 31, 2024
    risk 0.53 · cvss 8.1 · epss 0.15

    The Vanna library uses a prompt function to present the user with visualized results; it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically, allowing external input to the library’s…