VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Abstraction: Class · Status: Draft · Likelihood of Exploit: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
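The pattern in that description, shown as an added example that is not part of this page or of any product listed on it: a network-diagnostics handler that runs ping against a user-supplied host, in its vulnerable string-building form beside a hardened argv form, plus a tokeniser that shows which extra command a POSIX shell would actually run. The ping command, the host names and the allow-list regex are assumptions chosen for illustration.

```python
import re
import shlex
import subprocess

# Constructed sample inputs (not taken from any CVE on this page): a benign host
# name and one carrying the kind of shell metacharacters the entries below describe.
BENIGN_HOST = "example.org"
HOSTILE_HOST = "example.org; touch /tmp/pwned"

# Assumed allow-list for a host-name parameter: leading alphanumeric, then only
# alphanumerics, dots and hyphens. A leading '-' is rejected so the value can never
# be read as an option by the downstream program.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")

# Tokens that a POSIX shell treats as command separators or pipes.
OPERATORS = {";", "&", "&&", "|", "||"}


def build_command_unsafe(host: str) -> str:
    """CWE-77 pattern: untrusted input spliced into a string destined for a shell."""
    return f"ping -c 1 {host}"


def shell_tokens(cmd: str) -> list[str]:
    """Split a command string the way a POSIX shell would; punctuation_chars makes
    operators such as ';' and '|' come out as their own tokens."""
    return list(shlex.shlex(cmd, posix=True, punctuation_chars=True))


def injected_commands(cmd: str) -> list[str]:
    """Return every simple command after the first one that a shell would run for
    `cmd`. An empty list means the input did not change the intended command."""
    segments, current = [], []
    for tok in shell_tokens(cmd):
        if tok in OPERATORS:
            segments.append(" ".join(current))
            current = []
        else:
            current.append(tok)
    segments.append(" ".join(current))
    return [s for s in segments[1:] if s]


def is_accepted(host: str) -> bool:
    """Allow-list check applied before the value goes anywhere near a process."""
    return HOSTNAME_RE.fullmatch(host) is not None


def build_command_safe(host: str) -> list[str]:
    """Hardened form: validate, then pass an argv list so no shell ever parses the
    value. '--' additionally tells getopt-style tools to stop option parsing."""
    if not is_accepted(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    return ["ping", "-c", "1", "--", host]


def run_safe(host: str) -> subprocess.CompletedProcess:
    """Execute without shell=True; any metacharacters would reach ping as literal argv bytes."""
    return subprocess.run(build_command_safe(host), capture_output=True, text=True, check=False)


if __name__ == "__main__":
    cmd = build_command_unsafe(HOSTILE_HOST)
    print("vulnerable string:", cmd)
    print("shell would also run:", injected_commands(cmd))
    print("hardened argv:", build_command_safe(BENIGN_HOST))
    try:
        build_command_safe(HOSTILE_HOST)
    except ValueError as exc:
        print("hardened form rejects:", exc)
```

The argv form alone is not sufficient: a value beginning with `-` is still interpreted by the called program as an option, which is why the allow-list and the `--` separator are both kept. The tokeniser is a review aid for spotting where a string-built command changes meaning, not a sanitiser to ship.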

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 61 of 78
  • CVE-2015-5082 · Sep 28, 2015
    risk 0.09 · cvss · epss 0.70

    Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.

  • CVE-2014-8517 · Nov 17, 2014
    risk 0.09 · cvss · epss 0.69

    The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.

  • CVE-2019-15954 · Sep 5, 2019
    risk 0.08 · cvss · epss 0.79

    An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the widgets privilege can achieve Remote Command Execution (RCE) on the remote server by creating a malicious widget with a special tag containing JavaScript code that will be evaluated server side.…

  • CVE-2016-1000282 · Feb 5, 2019
    risk 0.08 · cvss · epss 0.13

    Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.

  • CVE-2015-5453 · Jul 8, 2015
    risk 0.08 · cvss · epss 0.57

    Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.

  • CVE-2015-2208 · Mar 12, 2015
    risk 0.08 · cvss · epss 0.62

    The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.

  • CVE-2023-33831 · Sep 18, 2023
    risk 0.07 · cvss · epss 0.14

    A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.

  • CVE-2023-32007 · May 2, 2023
    risk 0.07 · cvss · epss 0.76

    ** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a…

  • CVE-2022-24697 · Oct 13, 2022
    risk 0.07 · cvss · epss 0.85

    Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of “-- conf=” to inject any operating system…

  • CVE-2020-28429 · Feb 23, 2021
    risk 0.07 · cvss · epss 0.63

    All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU",function(){})

  • CVE-2019-19609 · Dec 5, 2019
    risk 0.07 · cvss · epss 0.54

    The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa…

  • CVE-2014-7285 · Dec 17, 2014
    risk 0.07 · cvss · epss 0.50

    The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

  • CVE-2022-26265 · Mar 18, 2022
    risk 0.06 · cvss · epss 0.30

    Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter.

  • CVE-2021-32849 · Jan 26, 2022
    risk 0.06 · cvss · epss 0.08

    Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.

  • CVE-2016-15057 · Jan 26, 2026
    risk 0.05 · cvss · epss 0.04

    ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installation's REST API can use this to invoke…

  • CVE-2015-2746 · Mar 26, 2015
    risk 0.05 · cvss · epss 0.26

    The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second"…

  • CVE-2022-39986 · Aug 1, 2023
    risk 0.04 · cvss · epss 0.99

    A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.

  • CVE-2023-0315 · Jan 16, 2023
    risk 0.04 · cvss · epss 0.98

    Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.

  • CVE-2015-6912 · Sep 11, 2015
    risk 0.04 · cvss · epss 0.12

    Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi.

  • CVE-2015-1815 · Mar 30, 2015
    risk 0.04 · cvss · epss 0.16

    The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.