CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,552)
page 77 of 78

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-4525 | | | 0.00 | — | 0.02 | | Jul 4, 2015 | The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. |
| CVE-2015-3716 | | | 0.00 | — | 0.00 | | Jul 3, 2015 | Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. |
| CVE-2015-3678 | | | 0.00 | — | 0.00 | | Jul 3, 2015 | AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands. |
| CVE-2015-1949 | | | 0.00 | — | 0.06 | | Jun 30, 2015 | The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands with SYSTEM privileges via unspecified vectors. |
| CVE-2015-1938 | | | 0.00 | — | 0.06 | | Jun 30, 2015 | The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986. |
| CVE-2015-4336 | | | 0.00 | — | 0.03 | | Jun 17, 2015 | cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrated by using the backup comments feature to create the file. |
| CVE-2015-3408 | | | 0.00 | — | 0.06 | | May 19, 2015 | Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest. |
| CVE-2015-2846 | | | 0.00 | — | 0.04 | | Apr 13, 2015 | BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link. |
| CVE-2015-2265 | | | 0.00 | — | 0.03 | | Mar 24, 2015 | The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for… |
| CVE-2015-0778 | | | 0.00 | — | 0.04 | | Mar 16, 2015 | osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file. |
| CVE-2015-0934 | | | 0.00 | — | 0.02 | | Mar 4, 2015 | Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via ` (backtick) characters in a filename. |
| CVE-2014-9682 | | | 0.00 | — | 0.03 | | Feb 28, 2015 | The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function. |
| CVE-2014-8630 | | | 0.00 | — | 0.02 | | Feb 1, 2015 | Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as… |
| CVE-2014-9622 | | | 0.00 | — | 0.03 | | Jan 21, 2015 | Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. |
| CVE-2014-7209 | | | 0.00 | — | 0.03 | | Jan 6, 2015 | run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. |
| CVE-2014-9277 | | | 0.00 | — | 0.02 | | Jan 4, 2015 | The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing in a PHP format… |
| CVE-2013-7418 | | | 0.00 | — | 0.02 | | Jan 2, 2015 | cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated users to execute arbitrary code via shell metacharacters in the TABLE parameter. NOTE: this can be exploited remotely by leveraging a separate cross-site scripting (XSS) vulnerability. |
| CVE-2013-4663 | | | 0.00 | — | 0.02 | | Dec 28, 2014 | git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exists… |
| CVE-2014-9188 | | | 0.00 | — | 0.06 | | Dec 27, 2014 | Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on… |
| CVE-2014-6260 | | | 0.00 | — | 0.02 | | Dec 15, 2014 | Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412. |