VYPR

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-15 · CAPEC-43 · CAPEC-6 · CAPEC-88

CVEs mapped to this weakness (2,292)

page 105 of 115
  • CVE-2020-7688Jul 1, 2020
    risk 0.00cvss epss 0.01

    The issue occurs because tagName user input is formatted inside the exec function is executed without any checks.

  • CVE-2020-15362Jun 29, 2020
    risk 0.00cvss epss 0.03

    wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code.

  • CVE-2020-9576Jun 26, 2020
    risk 0.00cvss epss 0.06

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9578Jun 26, 2020
    risk 0.00cvss epss 0.06

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9582Jun 26, 2020
    risk 0.00cvss epss 0.06

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9583Jun 26, 2020
    risk 0.00cvss epss 0.06

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-4066Jun 22, 2020
    risk 0.00cvss epss 0.02

    In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95.

  • CVE-2020-2200Jun 3, 2020
    risk 0.00cvss epss 0.02

    Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the `play` command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master.

  • CVE-2020-13388May 22, 2020
    risk 0.00cvss epss 0.04

    An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because…

  • CVE-2020-13252May 21, 2020
    risk 0.00cvss epss 0.05

    Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.

  • CVE-2020-7646May 7, 2020
    risk 0.00cvss epss 0.02

    curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input.

  • CVE-2020-7645May 2, 2020
    risk 0.00cvss epss 0.01

    All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.

  • CVE-2020-7640Apr 27, 2020
    risk 0.00cvss epss 0.02

    pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.

  • CVE-2020-7614Apr 7, 2020
    risk 0.00cvss epss 0.04

    npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly.

  • CVE-2020-7613Apr 7, 2020
    risk 0.00cvss epss 0.02

    clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with…

  • CVE-2020-7615Apr 7, 2020
    risk 0.00cvss epss 0.01

    fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary commands.

  • CVE-2020-7636Apr 6, 2020
    risk 0.00cvss epss 0.04

    adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function.

  • CVE-2020-7634Apr 6, 2020
    risk 0.00cvss epss 0.03

    heroku-addonpool through 0.1.15 is vulnerable to Command Injection.

  • CVE-2020-7633Apr 6, 2020
    risk 0.00cvss epss 0.04

    apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument.

  • CVE-2020-7632Apr 6, 2020
    risk 0.00cvss epss 0.04

    node-mpv through 1.4.3 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.