VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

ClassDraftLikelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 25 of 78
  • CVE-2025-2727HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability, which was classified as critical, was found in H3C Magic NX30 Pro up to V100R007. This affects an unknown part of the file /api/wizard/getNetworkStatus of the component HTTP POST Request Handler. The manipulation leads to command injection. Access to the local…

  • CVE-2025-2726HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.01

    A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this issue is some unknown functionality of the file /api/esps of the component HTTP POST Request Handler.…

  • CVE-2025-2725HigMar 25, 2025
    risk 0.52cvss 8.0epss 0.09

    A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected by this vulnerability is an unknown functionality of the file /api/login/auth of the component HTTP POST Request Handler. The…

  • CVE-2024-12111HigDec 19, 2024
    risk 0.52cvss 8.0epss 0.00

    In a specific scenario a LDAP user can abuse the authentication process using injection attack in OpenText Privileged Access Manager that allows authentication bypass. This issue affects Privileged Access Manager version 23.3(4.4); 24.3(4.5)

  • CVE-2024-29404HigDec 3, 2024
    risk 0.52cvss 7.8epss 0.00

    An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component.

  • CVE-2024-28726HigNov 12, 2024
    risk 0.52cvss 8.0epss 0.08

    An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function.

  • CVE-2015-7982criSep 1, 2020
    risk 0.52cvss epss 0.01

    Versions of `gm` prior to 1.21.1 are affected by a command injection vulnerability. The vulnerability is triggered when user input is passed into `gm.compare()`, which fails to sanitize input correctly before calling the graphics magic binary. ## Recommendation Update to…

  • CVE-2017-8193HigNov 22, 2017
    risk 0.52cvss 8.0epss 0.01

    The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands.

  • CVE-2016-9554HigJan 28, 2017
    risk 0.52cvss 7.2epss 0.24

    The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the…

  • CVE-2016-4822HigJun 25, 2016
    risk 0.52cvss 8.0epss 0.01

    Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors.

  • CVE-1999-0039HigMay 6, 1997
    risk 0.52cvss 7.3epss 0.16

    webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.

  • CVE-2025-56814HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    A code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters.

  • CVE-2025-69600HigMay 27, 2026
    risk 0.51cvss 7.8epss 0.01

    Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options.

  • CVE-2026-38945HigMay 27, 2026
    risk 0.51cvss 7.8epss 0.01

    Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command.

  • CVE-2026-8632HigMay 20, 2026
    risk 0.51cvss 7.8epss 0.01

    A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

  • CVE-2026-46508HigMay 15, 2026
    risk 0.51cvss 7.8epss 0.00

    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo…

  • CVE-2026-41611HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.

  • CVE-2026-7039HigApr 26, 2026
    risk 0.51cvss 7.8epss 0.01

    A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit…

  • CVE-2026-32183HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

  • CVE-2026-35558HigApr 3, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by…