VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Class · Draft · Likelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 62 of 78
  • CVE-2014-1905 · Dec 29, 2014
    risk 0.04 · cvss n/a · epss 0.10

    Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a…

  • CVE-2014-9144 · Dec 5, 2014
    risk 0.04 · cvss n/a · epss 0.09

    Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter).

  • CVE-2010-2008 · Jul 13, 2010
    risk 0.04 · cvss n/a · epss 0.09

    MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence,…

  • CVE-2025-54782 · Aug 1, 2025
    risk 0.03 · cvss n/a · epss 0.46

    Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP…

  • CVE-2022-25765 · Sep 9, 2022
    risk 0.03 · cvss n/a · epss 0.39

    The package pdfkit from 0.0.0 is vulnerable to Command Injection where the URL is not properly sanitized.

  • CVE-2022-25766 · Mar 21, 2022
    risk 0.03 · cvss n/a · epss 0.34

    The package ungit before 1.5.20 is vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possible…

  • CVE-2013-7285 · May 15, 2019
    risk 0.03 · cvss n/a · epss 0.84

    Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

  • CVE-2014-7208 · Dec 19, 2014
    risk 0.03 · cvss n/a · epss 0.01

    GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label.

  • CVE-2014-1216 · Apr 22, 2014
    risk 0.03 · cvss n/a · epss 0.04

    FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page.

  • CVE-2018-1000802 · Critical · Sep 18, 2018
    risk 0.02 · cvss 9.8 · epss 0.21

    Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via…

  • CVE-2024-52308 · Nov 14, 2024
    risk 0.01 · cvss n/a · epss 0.01

    The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an…

  • CVE-2024-9264 · Oct 18, 2024
    risk 0.01 · cvss n/a · epss 0.98

    The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user…

  • CVE-2024-3116 · Apr 4, 2024
    risk 0.01 · cvss n/a · epss 0.65

    pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and…

  • CVE-2023-27848 · Apr 24, 2023
    risk 0.01 · cvss n/a · epss 0.02

    broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.

  • CVE-2022-28220 · Sep 8, 2022
    risk 0.01 · cvss n/a · epss 0.02

    Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem from Apache James 3.6.1, is subject to a parser differential and does not take into account concurrent…

  • CVE-2021-36024 · Sep 1, 2021
    risk 0.01 · cvss n/a · epss 0.03

    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file…

  • CVE-2021-38556 · Aug 24, 2021
    risk 0.01 · cvss n/a · epss 0.13

    includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection.

  • CVE-2021-26275 · Mar 18, 2021
    risk 0.01 · cvss n/a · epss 0.03

    The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally…

  • CVE-2021-3148 · Feb 27, 2021
    risk 0.01 · cvss n/a · epss 0.08

    An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.

  • CVE-2020-28426 · Feb 1, 2021
    risk 0.01 · cvss n/a · epss 0.02

    All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId.