VYPR

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Base · Stable · Likelihood: High

Description

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-15 · CAPEC-43 · CAPEC-6 · CAPEC-88

CVEs mapped to this weakness (2,292)

  • CVE-2020-10235 · Mar 9, 2020
    risk 0.00 · cvss n/a · epss 0.02

    An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in…

  • CVE-2020-2159 · Mar 9, 2020
    risk 0.00 · cvss n/a · epss 0.02

    Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins.

  • CVE-2020-1734 · Mar 3, 2020
    risk 0.00 · cvss n/a · epss 0.00

    A flaw was found in the pipe lookup plugin of Ansible. Arbitrary commands can be run when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting Ansible facts, and the variable is not escaped by the quote plugin. An attacker could take advantage and run…

  • CVE-2019-10801 · Feb 28, 2020
    risk 0.00 · cvss n/a · epss 0.03

    enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.

  • CVE-2019-10802 · Feb 28, 2020
    risk 0.00 · cvss n/a · epss 0.02

    giting versions prior to 0.0.8 allow execution of arbitrary commands. The first argument "repo" of the function "pull()" is executed by the package without any validation.

  • CVE-2019-10803 · Feb 28, 2020
    risk 0.00 · cvss n/a · epss 0.03

    push-dir through 0.4.1 allows execution of arbitrary commands. Arguments provided as part of the variable "opt.branch" are not validated before being passed to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.

  • CVE-2019-10804 · Feb 28, 2020
    risk 0.00 · cvss n/a · epss 0.03

    serial-number through 1.3.0 allows execution of arbitrary commands. The "cmdPrefix" argument in the serialNumber function is used by the "exec" function without any validation.

  • CVE-2019-15609 · Feb 28, 2020
    risk 0.00 · cvss n/a · epss 0.04

    The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.

  • CVE-2019-10799 · Feb 24, 2020
    risk 0.00 · cvss n/a · epss 0.02

    compile-sass prior to 1.0.5 allows execution of arbitrary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" passes its argument to the "rm" command without any sanitization.

  • CVE-2019-10796 · Feb 24, 2020
    risk 0.00 · cvss n/a · epss 0.03

    rpi through 0.0.3 allows execution of arbitrary commands. The variable pinNumbver in the function GPIO within src/lib/gpio.js is used as part of the argument of the exec function without any sanitization.

  • CVE-2020-8130 · Feb 24, 2020
    risk 0.00 · cvss n/a · epss 0.01

    There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

  • CVE-2019-10791 · Feb 18, 2020
    risk 0.00 · cvss n/a · epss 0.02

    promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.

  • CVE-2019-19325 · Feb 17, 2020
    risk 0.00 · cvss n/a · epss 0.01

    SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar FormField attributes, which allows performing XSS (Cross-Site…

  • CVE-2020-7597 · Feb 17, 2020
    risk 0.00 · cvss n/a · epss 0.03

    The codecov-node npm module before 3.6.5 allows remote attackers to execute arbitrary commands. The value provided as part of the gcov-root argument is executed by the exec function within lib/codecov.js. This vulnerability exists due to an incomplete fix of CVE-2020-7596.

  • CVE-2019-10786 · Feb 4, 2020
    risk 0.00 · cvss n/a · epss 0.02

    network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.

  • CVE-2019-10787 · Feb 4, 2020
    risk 0.00 · cvss n/a · epss 0.04

    im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js can be controlled by a user without any sanitization.

  • CVE-2019-10788 · Feb 4, 2020
    risk 0.00 · cvss n/a · epss 0.02

    im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options that are given to the "exec" function.

  • CVE-2019-10783 · Jan 29, 2020
    risk 0.00 · cvss n/a · epss 0.03

    All versions up to and including 0.0.4 of the lsof npm module are vulnerable to command injection. Every exported method of the package uses the exec function to parse user input.

  • CVE-2019-10780 · Jan 22, 2020
    risk 0.00 · cvss n/a · epss 0.03

    BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.

  • CVE-2019-10777 · Jan 8, 2020
    risk 0.00 · cvss n/a · epss 0.02

    In aws-lambda versions prior to 1.0.5, "config.FunctionName" is used to construct the argument passed to the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands into the "zipCmd" built from "config.FunctionName".