CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,552)
page 46 of 78| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-53355 | Hig | 0.42 | 7.5 | 0.02 | Jul 8, 2025 | MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to… | ||
| CVE-2025-53372 | Hig | 0.42 | 7.5 | 0.01 | Jul 8, 2025 | node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the node-code-sandbox-mcp MCP Server. The vulnerability is caused by… | ||
| CVE-2025-7083 | Med | 0.42 | 6.3 | 0.38 | Jul 6, 2025 | A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This affects the function mp of the file /goform/mp of the component webs. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack… | ||
| CVE-2025-7082 | Med | 0.42 | 6.3 | 0.13 | Jul 6, 2025 | A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument wan_ipaddr/wan_netmask/wan_gateway/wl_ssid… | ||
| CVE-2025-7081 | Med | 0.42 | 6.3 | 0.15 | Jul 6, 2025 | A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this vulnerability is the function formSetWanStatic of the file /goform/formSetWanStatic of the component webs. The manipulation of the argument… | ||
| CVE-2025-24333 | Med | 0.42 | 6.4 | 0.00 | Jul 2, 2025 | Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via… | ||
| CVE-2025-6621 | Med | 0.42 | 6.3 | 0.03 | Jun 25, 2025 | A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This affects the function QuickSetting of the file ap.so. The manipulation of the argument hour/minute leads to os command injection. It is possible to initiate the attack remotely. The exploit… | ||
| CVE-2025-6620 | Med | 0.42 | 6.3 | 0.03 | Jun 25, 2025 | A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected by this issue is the function setUpgradeUboot of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack may be launched remotely.… | ||
| CVE-2025-6619 | Med | 0.42 | 6.3 | 0.03 | Jun 25, 2025 | A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched… | ||
| CVE-2025-6618 | Med | 0.42 | 6.3 | 0.03 | Jun 25, 2025 | A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical. Affected is the function SetWLanApcliSettings of the file wps.so. The manipulation of the argument PIN leads to os command injection. It is possible to launch the attack remotely. The… | ||
| CVE-2025-6485 | Med | 0.42 | 6.3 | 0.06 | Jun 22, 2025 | A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to… | ||
| CVE-2024-57338 | — | Med | 0.42 | 6.5 | 0.00 | May 28, 2025 | An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file. | |
| CVE-2024-57337 | — | Med | 0.42 | 6.5 | 0.00 | May 28, 2025 | An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file. | |
| CVE-2025-44023 | Med | 0.42 | 6.5 | 0.00 | May 8, 2025 | An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components. | ||
| CVE-2025-29154 | Med | 0.42 | 6.5 | 0.00 | May 7, 2025 | HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacao_treinamento/, .galera.app/rh/metas/perspectiva_estrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,… | ||
| CVE-2025-26262 | Med | 0.42 | 6.5 | 0.00 | May 6, 2025 | An issue in the component /internals/functions of R-fx Networks Linux Malware Detect v1.6.5 allows attackers to escalate privileges and execute arbitrary code via supplying a file that contains a crafted filename. | ||
| CVE-2024-57608 | Med | 0.42 | 6.5 | 0.00 | Feb 24, 2025 | An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component. | ||
| CVE-2024-51027 | Med | 0.42 | 6.5 | 0.07 | Nov 13, 2024 | Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi/networksafe.php via the province parameter. | ||
| CVE-2023-38286 | Hig | 0.42 | 7.5 | 0.01 | Jul 14, 2023 | Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier… | ||
| CVE-2022-31249 | Hig | 0.42 | 7.5 | 0.04 | Feb 7, 2023 | A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher… |
- risk 0.42cvss 7.5epss 0.02
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to…
- risk 0.42cvss 7.5epss 0.01
node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the node-code-sandbox-mcp MCP Server. The vulnerability is caused by…
- risk 0.42cvss 6.3epss 0.38
A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This affects the function mp of the file /goform/mp of the component webs. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack…
- risk 0.42cvss 6.3epss 0.13
A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument wan_ipaddr/wan_netmask/wan_gateway/wl_ssid…
- risk 0.42cvss 6.3epss 0.15
A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this vulnerability is the function formSetWanStatic of the file /goform/formSetWanStatic of the component webs. The manipulation of the argument…
- risk 0.42cvss 6.4epss 0.00
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via…
- risk 0.42cvss 6.3epss 0.03
A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This affects the function QuickSetting of the file ap.so. The manipulation of the argument hour/minute leads to os command injection. It is possible to initiate the attack remotely. The exploit…
- risk 0.42cvss 6.3epss 0.03
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected by this issue is the function setUpgradeUboot of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack may be launched remotely.…
- risk 0.42cvss 6.3epss 0.03
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched…
- risk 0.42cvss 6.3epss 0.03
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical. Affected is the function SetWLanApcliSettings of the file wps.so. The manipulation of the argument PIN leads to os command injection. It is possible to launch the attack remotely. The…
- risk 0.42cvss 6.3epss 0.06
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to…
- risk 0.42cvss 6.5epss 0.00
An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
- risk 0.42cvss 6.5epss 0.00
An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
- risk 0.42cvss 6.5epss 0.00
An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components.
- risk 0.42cvss 6.5epss 0.00
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacao_treinamento/, .galera.app/rh/metas/perspectiva_estrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,…
- risk 0.42cvss 6.5epss 0.00
An issue in the component /internals/functions of R-fx Networks Linux Malware Detect v1.6.5 allows attackers to escalate privileges and execute arbitrary code via supplying a file that contains a crafted filename.
- risk 0.42cvss 6.5epss 0.00
An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component.
- risk 0.42cvss 6.5epss 0.07
Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi/networksafe.php via the province parameter.
- risk 0.42cvss 7.5epss 0.01
Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier…
- risk 0.42cvss 7.5epss 0.04
A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher…