VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

ClassDraftLikelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 42 of 78
  • CVE-2016-4989HigApr 11, 2017
    risk 0.46cvss 7.0epss 0.00

    setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3)…

  • CVE-2016-4446HigApr 11, 2017
    risk 0.46cvss 7.0epss 0.00

    The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.

  • CVE-2016-4445HigApr 11, 2017
    risk 0.46cvss 7.0epss 0.00

    The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.

  • CVE-2016-4444HigApr 11, 2017
    risk 0.46cvss 7.0epss 0.00

    The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.

  • CVE-2025-62696MedOct 21, 2025
    risk 0.45cvss epss 0.01

    Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in The Wikimedia Foundation Mediawiki Foundation - Springboard Extension allows Command Injection.This issue affects Mediawiki Foundation - Springboard Extension: master.

  • CVE-2025-52903HigJun 26, 2025
    risk 0.45cvss 8.0epss 0.01

    File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions on the 2.x branch prior to 2.33.10, the Command Execution feature of File Browser only allows the execution of shell…

  • CVE-2022-21668HigJan 10, 2022
    risk 0.45cvss 8.0epss 0.04

    pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which…

  • CVE-2026-40034HigMay 26, 2026
    risk 0.44cvss 7.8epss 0.00

    gix-submodule before 0.29.0 (gitoxide before 0.5.21, gix before 0.84.0) incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in…

  • CVE-2026-42000MedMay 21, 2026
    risk 0.44cvss 6.8epss 0.00

    Insufficient Validation of Names During AXFR

  • CVE-2026-45585MedMay 20, 2026
    risk 0.44cvss 6.8epss 0.01

    Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide…

  • CVE-2024-30167MedMay 8, 2026
    risk 0.44cvss 6.3epss 0.01

    /cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter.

  • CVE-2026-36365HigMay 4, 2026
    risk 0.44cvss 7.8epss 0.00

    An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp

  • CVE-2026-21709MedApr 17, 2026
    risk 0.44cvss 6.7epss 0.00

    A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

  • CVE-2026-23779MedApr 17, 2026
    risk 0.44cvss 6.7epss 0.01

    Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high…

  • CVE-2026-24905HigJan 29, 2026
    risk 0.44cvss 7.8epss 0.01

    Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The `ig` binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is…

  • CVE-2025-10327MedSep 12, 2025
    risk 0.44cvss 6.3epss 0.10

    A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be…

  • CVE-2025-58178HigSep 2, 2025
    risk 0.44cvss 7.8epss 0.01

    SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input arguments to be processed…

  • CVE-2025-9090MedAug 17, 2025
    risk 0.44cvss 6.3epss 0.14

    A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed…

  • CVE-2025-53107HigJul 1, 2025
    risk 0.44cvss 7.5epss 0.22

    @cyanheads/git-mcp-server is an MCP server designed to interact with Git repositories. Prior to version 2.1.5, there is a command injection vulnerability caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject…

  • CVE-2025-23170MedJun 19, 2025
    risk 0.44cvss 6.7epss 0.01

    The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an…