VYPR

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-15 · CAPEC-43 · CAPEC-6 · CAPEC-88

CVEs mapped to this weakness (2,292)

page 19 of 115
  • CVE-2018-12972CriJun 29, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.

  • CVE-2018-12268CriJun 13, 2018
    risk 0.64cvss 9.8epss 0.03

    acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line.

  • CVE-2018-11229CriJun 8, 2018
    risk 0.64cvss 9.8epss 0.06

    Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).

  • CVE-2017-7637CriJun 5, 2018
    risk 0.64cvss 9.8epss 0.03

    QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges.

  • CVE-2016-10541CriMay 31, 2018
    risk 0.64cvss 9.8epss 0.02

    The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection.

  • CVE-2017-14481CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14480CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14479CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14478CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14477CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14476CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14475CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the…

  • CVE-2017-14474CriMay 9, 2018
    risk 0.64cvss 9.8epss 0.06

    In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process.…

  • CVE-2018-1144CriApr 19, 2018
    risk 0.64cvss 9.8epss 0.07

    A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi.

  • CVE-2018-0545CriApr 9, 2018
    risk 0.64cvss 9.8epss 0.03

    LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2018-9285CriApr 4, 2018
    risk 0.64cvss 9.8epss 0.04

    Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices…

  • CVE-2018-0539CriMar 22, 2018
    risk 0.64cvss 9.8epss 0.03

    QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.

  • CVE-2018-6231CriMar 15, 2018
    risk 0.64cvss 9.8epss 0.07

    A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations.

  • CVE-2017-7640CriMar 8, 2018
    risk 0.64cvss 9.8epss 0.02

    QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.

  • CVE-2018-7664CriMar 5, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.