CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
ClassDraftLikelihood: High
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,036)
page 51 of 52| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-4930 | 0.00 | — | 0.02 | Oct 4, 2015 | IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges by leveraging admin access. | ||
| CVE-2015-2011 | 0.00 | — | 0.01 | Oct 4, 2015 | The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | ||
| CVE-2015-6547 | 0.00 | — | 0.03 | Sep 20, 2015 | The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors. | ||
| CVE-2015-5274 | 0.00 | — | 0.01 | Sep 18, 2015 | rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker. | ||
| CVE-2015-5190 | 0.00 | — | 0.01 | Sep 3, 2015 | The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL. | ||
| CVE-2015-5474 | 0.00 | — | 0.01 | Aug 13, 2015 | BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol. | ||
| CVE-2015-5080 | 0.00 | — | 0.01 | Jul 16, 2015 | The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs. | ||
| CVE-2015-1561 | 0.00 | — | 0.05 | Jul 14, 2015 | The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter. | ||
| CVE-2015-4525 | 0.00 | — | 0.01 | Jul 4, 2015 | The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | ||
| CVE-2015-3716 | 0.00 | — | 0.00 | Jul 3, 2015 | Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. | ||
| CVE-2015-3678 | 0.00 | — | 0.00 | Jul 3, 2015 | AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands. | ||
| CVE-2015-4336 | 0.00 | — | 0.01 | Jun 17, 2015 | cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrated by using the backup comments feature to create the file. | ||
| CVE-2015-3408 | 0.00 | — | 0.04 | May 19, 2015 | Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest. | ||
| CVE-2015-0538 | 0.00 | — | 0.06 | May 7, 2015 | ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets. | ||
| CVE-2015-2846 | 0.00 | — | 0.02 | Apr 13, 2015 | BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link. | ||
| CVE-2015-0225 | 0.00 | — | 0.01 | Apr 3, 2015 | The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. | ||
| CVE-2015-2265 | 0.00 | — | 0.06 | Mar 24, 2015 | The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. | ||
| CVE-2015-0778 | 0.00 | — | 0.01 | Mar 16, 2015 | osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file. | ||
| CVE-2015-0934 | 0.00 | — | 0.02 | Mar 4, 2015 | Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via ` (backtick) characters in a filename. | ||
| CVE-2014-9682 | 0.00 | — | 0.01 | Feb 28, 2015 | The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function. |