CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-15 · CAPEC-43 · CAPEC-6 · CAPEC-88
CVEs mapped to this weakness (1,367)
page 64 of 69| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-2955 | 0.00 | — | 0.01 | Jun 13, 2015 | Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2014-9284 | 0.00 | — | 0.01 | Jun 9, 2015 | The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2015-0691 | 0.00 | — | 0.01 | Apr 17, 2015 | A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. | ||
| CVE-2015-1388 | 0.00 | — | 0.01 | Mar 24, 2015 | The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors. | ||
| CVE-2015-0525 | 0.00 | — | 0.02 | Mar 12, 2015 | The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2015-0977 | 0.00 | — | 0.01 | Feb 27, 2015 | Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2014-7269 | 0.00 | — | 0.01 | Feb 1, 2015 | ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2014-7253 | 0.00 | — | 0.00 | Dec 5, 2014 | FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors. | ||
| CVE-2014-8334 | 0.00 | — | 0.04 | Oct 31, 2014 | The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable. | ||
| CVE-2014-6434 | 0.00 | — | 0.03 | Oct 7, 2014 | gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or (2) a2 parameter in a restart action. | ||
| CVE-2014-5502 | 0.00 | — | 0.01 | Oct 7, 2014 | The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode. | ||
| CVE-2014-4868 | 0.00 | — | 0.00 | Oct 7, 2014 | The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command. | ||
| CVE-2014-3360 | 0.00 | — | 0.02 | Sep 25, 2014 | Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. | ||
| CVE-2014-3358 | 0.00 | — | 0.01 | Sep 25, 2014 | Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. | ||
| CVE-2014-3357 | 0.00 | — | 0.01 | Sep 25, 2014 | Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. | ||
| CVE-2014-4326 | 0.00 | — | 0.01 | Jul 22, 2014 | Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/. | ||
| CVE-2014-1987 | 0.00 | — | 0.04 | Jul 20, 2014 | The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors. | ||
| CVE-2014-2967 | 0.00 | — | 0.04 | Jul 7, 2014 | Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server. | ||
| CVE-2014-3883 | 0.00 | — | 0.01 | Jun 21, 2014 | Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action. | ||
| CVE-2014-2507 | 0.00 | — | 0.02 | Jun 8, 2014 | EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods. |
- CVE-2015-2955Jun 13, 2015risk 0.00cvss —epss 0.01
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
- CVE-2014-9284Jun 9, 2015risk 0.00cvss —epss 0.01
The Buffalo WHR-1166DHP 1.60 and earlier, WSR-600DHP 1.60 and earlier, WHR-600D 1.60 and earlier, WHR-300HP2 1.60 and earlier, WMR-300 1.60 and earlier, WEX-300 1.60 and earlier, and BHR-4GRV2 1.04 and earlier routers allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
- CVE-2015-0691Apr 17, 2015risk 0.00cvss —epss 0.01
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.
- CVE-2015-1388Mar 24, 2015risk 0.00cvss —epss 0.01
The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.
- CVE-2015-0525Mar 12, 2015risk 0.00cvss —epss 0.02
The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
- CVE-2015-0977Feb 27, 2015risk 0.00cvss —epss 0.01
Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors.
- CVE-2014-7269Feb 1, 2015risk 0.00cvss —epss 0.01
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
- CVE-2014-7253Dec 5, 2014risk 0.00cvss —epss 0.00
FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors.
- CVE-2014-8334Oct 31, 2014risk 0.00cvss —epss 0.04
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka "Path to Backup:" field) or (2) $backup['mysqldumppath'] variable.
- CVE-2014-6434Oct 7, 2014risk 0.00cvss —epss 0.03
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or (2) a2 parameter in a restart action.
- CVE-2014-5502Oct 7, 2014risk 0.00cvss —epss 0.01
The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.
- CVE-2014-4868Oct 7, 2014risk 0.00cvss —epss 0.00
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command.
- CVE-2014-3360Sep 25, 2014risk 0.00cvss —epss 0.02
Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586.
- CVE-2014-3358Sep 25, 2014risk 0.00cvss —epss 0.01
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950.
- CVE-2014-3357Sep 25, 2014risk 0.00cvss —epss 0.01
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866.
- CVE-2014-4326Jul 22, 2014risk 0.00cvss —epss 0.01
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.
- CVE-2014-1987Jul 20, 2014risk 0.00cvss —epss 0.04
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
- CVE-2014-2967Jul 7, 2014risk 0.00cvss —epss 0.04
Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
- CVE-2014-3883Jun 21, 2014risk 0.00cvss —epss 0.01
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action.
- CVE-2014-2507Jun 8, 2014risk 0.00cvss —epss 0.02
EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to unspecified methods.