VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

ClassDraftLikelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 67 of 78
  • CVE-2023-5752Oct 24, 2023
    risk 0.00cvss epss 0.00

    When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can…

  • CVE-2023-26155Oct 14, 2023
    risk 0.00cvss epss 0.02

    All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once…

  • CVE-2023-36414Oct 10, 2023
    risk 0.00cvss epss 0.02

    Azure Identity SDK Remote Code Execution Vulnerability

  • CVE-2023-26153Oct 6, 2023
    risk 0.00cvss epss 0.03

    Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker can use this vulnerability to…

  • CVE-2023-26145Sep 28, 2023
    risk 0.00cvss epss 0.03

    This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to the original source object. These paths…

  • CVE-2023-42810Sep 21, 2023
    risk 0.00cvss epss 0.02

    systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to…

  • CVE-2023-37469Aug 24, 2023
    risk 0.00cvss epss 0.01

    CasaOS is an open-source personal cloud system. Prior to version 0.4.4, if an authenticated user using CasaOS is able to successfully connect to a controlled SMB server, they are able to execute arbitrary commands. Version 0.4.4 contains a patch for the issue.

  • CVE-2023-35390Aug 8, 2023
    risk 0.00cvss epss 0.02

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2023-39523Aug 7, 2023
    risk 0.00cvss epss 0.02

    ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process as it allows to append malicious commands in the…

  • CVE-2022-39987Aug 1, 2023
    risk 0.00cvss epss 0.35

    A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.

  • CVE-2023-38286Jul 14, 2023
    risk 0.00cvss epss 0.01

    Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier…

  • CVE-2023-36457Jul 5, 2023
    risk 0.00cvss epss 0.02

    1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.

  • CVE-2023-36458Jul 5, 2023
    risk 0.00cvss epss 0.02

    1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payloads to achieve command injection when entering the container terminal. The vulnerability has been fixed in v1.3.6.

  • CVE-2023-26134Jun 28, 2023
    risk 0.00cvss epss 0.04

    Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject…

  • CVE-2023-35932Jun 23, 2023
    risk 0.00cvss epss 0.02

    jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special…

  • CVE-2023-30260Jun 23, 2023
    risk 0.00cvss epss 0.02

    Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.

  • CVE-2023-34230Jun 8, 2023
    risk 0.00cvss epss 0.01

    snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious…

  • CVE-2023-34233Jun 8, 2023
    risk 0.00cvss epss 0.02

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order…

  • CVE-2023-34232Jun 8, 2023
    risk 0.00cvss epss 0.02

    snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in (1)…

  • CVE-2023-34231Jun 8, 2023
    risk 0.00cvss epss 0.02

    gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be…