CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,552)
page 43 of 78

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53615 | | Medium | 0.44 | 6.5 | 0.01 | | Jan 30, 2025 | A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file. |
| CVE-2025-0396 | | High | 0.44 | 7.8 | 0.01 | | Jan 12, 2025 | A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulation leads to command injection. It is possible to launch the attack on the local… |
| CVE-2024-48747 | | Medium | 0.44 | 6.8 | 0.01 | | Nov 21, 2024 | An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file. |
| CVE-2024-38817 | | Medium | 0.44 | 6.7 | 0.01 | | Oct 9, 2024 | VMware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root. |
| CVE-2022-42906 | — | High | 0.44 | 7.8 | 0.00 | | Oct 13, 2022 | powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory… |
| CVE-2018-0481 | | Medium | 0.44 | 6.7 | 0.00 | | Oct 5, 2018 | A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software improperly sanitizes… |
| CVE-2018-0477 | | Medium | 0.44 | 6.7 | 0.00 | | Oct 5, 2018 | A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software improperly sanitizes… |
| CVE-2018-0324 | | Medium | 0.44 | 6.7 | 0.01 | | May 17, 2018 | A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI… |
| CVE-2018-0224 | | Medium | 0.44 | 6.7 | 0.00 | | Mar 8, 2018 | A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to… |
| CVE-2018-0217 | | Medium | 0.44 | 6.7 | 0.01 | | Mar 8, 2018 | A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of… |
| CVE-2017-12352 | | Medium | 0.44 | 6.7 | 0.00 | | Nov 30, 2017 | A vulnerability in certain system script files that are installed at boot time on Cisco Application Policy Infrastructure Controllers could allow an authenticated, local attacker to gain elevated privileges and execute arbitrary commands with root privileges on an affected host… |
| CVE-2017-12341 | | Medium | 0.44 | 6.7 | 0.01 | | Nov 30, 2017 | A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation… |
| CVE-2017-12305 | | Medium | 0.44 | 6.7 | 0.01 | | Nov 16, 2017 | A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shell Command Injection. The vulnerability is due to insufficient input validation. An attacker could exploit this… |
| CVE-2017-6794 | | Medium | 0.44 | 6.7 | 0.01 | | Sep 7, 2017 | A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials.… |
| CVE-2014-9114 | | High | 0.44 | 7.8 | 0.01 | | Mar 31, 2017 | Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. |
| CVE-2016-9337 | | Medium | 0.44 | 6.8 | 0.02 | | Feb 13, 2017 | An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1 (2.36.31) with web browser functionality enabled. The vehicle's Gateway ECU is susceptible to commands that may allow an attacker to install malicious software allowing the… |
| CVE-2016-6649 | | Medium | 0.44 | 6.7 | 0.01 | | Feb 3, 2017 | EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his… |
| CVE-2015-5349 | | High | 0.44 | 7.8 | 0.02 | | Apr 11, 2016 | The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet. |
| CVE-2025-47188 | | Medium | 0.43 | 6.5 | 0.48 | | Aug 7, 2025 | A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to… |
| CVE-2024-22197 | | High | 0.43 | 7.7 | 0.02 | | Jan 11, 2024 | Nginx-ui is online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. The `Home > Preference` page exposes a small list of nginx settings such as `Nginx Access Log Path` and `Nginx Error Log Path`. However, the API… |