CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
ClassDraftLikelihood: High
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,036)
page 8 of 52| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27981 | Cri | 0.64 | 9.8 | 0.01 | Apr 4, 2024 | A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host device. Affected Products: UniFi Network Application (Version 8.0.28 and earlier) . Mitigation: Update UniFi Network Application to Version 8.1.113 or later. | |
| CVE-2017-15940 | Cri | 0.64 | 9.8 | 0.06 | Dec 11, 2017 | The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors. | |
| CVE-2017-13071 | Cri | 0.64 | 9.8 | 0.01 | Nov 22, 2017 | QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier. | |
| CVE-2008-7319 | Cri | 0.64 | 9.8 | 0.08 | Nov 7, 2017 | The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used. | |
| CVE-2014-9118 | Hig | 0.64 | 8.8 | 0.52 | Oct 17, 2017 | The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd. | |
| CVE-2008-7315 | Cri | 0.64 | 9.8 | 0.05 | Oct 10, 2017 | UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands. | |
| CVE-2017-13069 | Cri | 0.64 | 9.8 | 0.06 | Oct 6, 2017 | QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS. | |
| CVE-2015-7841 | Cri | 0.64 | 9.8 | 0.02 | Oct 3, 2017 | The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allows remote attackers to bypass access restrictions and enter commands via unspecified parameters, as demonstrated by a "user creation command." | |
| CVE-2017-9980 | Cri | 0.64 | 9.8 | 0.04 | Jul 21, 2017 | In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter. | |
| CVE-2017-7977 | Cri | 0.64 | 9.8 | 0.01 | Jul 19, 2017 | The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel. | |
| CVE-2017-4984 | Cri | 0.64 | 9.8 | 0.04 | Jun 19, 2017 | In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with root-level privileges on the targeted VNX Control Station system, aka remote code execution. | |
| CVE-2016-6655 | Cri | 0.64 | 9.8 | 0.05 | Jun 13, 2017 | An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to execute arbitrary commands on servers running Cloud Foundry. | |
| CVE-2017-4918 | Cri | 0.64 | 9.8 | 0.03 | Jun 8, 2017 | VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed. | |
| CVE-2017-6048 | Hig | 0.64 | 8.8 | 0.46 | May 19, 2017 | A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, and SenNet Multitask Meter V5.21a-1.18b and prior. Successful exploitation of this vulnerability could result in the attacker breaking out of the jailed shell and gaining full access to the system. | |
| CVE-2017-7689 | Cri | 0.64 | 9.8 | 0.03 | Apr 11, 2017 | A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. | |
| CVE-2016-5065 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection. | |
| CVE-2016-10312 | Cri | 0.64 | 9.8 | 0.06 | Apr 3, 2017 | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages. | |
| CVE-2014-5009 | Cri | 0.64 | 9.8 | 0.03 | Mar 31, 2017 | Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. | |
| CVE-2014-5008 | Cri | 0.64 | 9.8 | 0.06 | Mar 31, 2017 | Snoopy allows remote attackers to execute arbitrary commands. | |
| CVE-2008-7313 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2017 | The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796. |