CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-15 · CAPEC-43 · CAPEC-6 · CAPEC-88
CVEs mapped to this weakness (2,016), page 91 of 101

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-4066 | | | 0.00 | — | 0.03 | | Jun 22, 2020 | In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95. |
| CVE-2020-2200 | | | 0.00 | — | 0.03 | | Jun 3, 2020 | Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the path to the `play` command on the Jenkins master for a form validation endpoint, resulting in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins master. |
| CVE-2020-13388 | | — | 0.00 | — | 0.02 | | May 22, 2020 | An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because… |
| CVE-2020-13252 | | — | 0.00 | — | 0.04 | | May 21, 2020 | Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page. |
| CVE-2020-7646 | | — | 0.00 | — | 0.00 | | May 7, 2020 | curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input. |
| CVE-2020-7645 | | — | 0.00 | — | 0.01 | | May 2, 2020 | All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems. |
| CVE-2020-7640 | | — | 0.00 | — | 0.01 | | Apr 27, 2020 | pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization. |
| CVE-2020-7614 | | — | 0.00 | — | 0.01 | | Apr 7, 2020 | npm-programmatic through 0.0.12 is vulnerable to Command Injection. The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly. |
| CVE-2020-7613 | | — | 0.00 | — | 0.02 | | Apr 7, 2020 | clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with… |
| CVE-2020-7615 | | — | 0.00 | — | 0.00 | | Apr 7, 2020 | fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63', can be controlled by users without any sanitization to inject arbitrary commands. |
| CVE-2020-7636 | | — | 0.00 | — | 0.01 | | Apr 6, 2020 | adb-driver through 0.1.8 is vulnerable to Command Injection. It allows execution of arbitrary commands via the command function. |
| CVE-2020-7634 | | | 0.00 | — | 0.03 | | Apr 6, 2020 | heroku-addonpool through 0.1.15 is vulnerable to Command Injection. |
| CVE-2020-7633 | | — | 0.00 | — | 0.01 | | Apr 6, 2020 | apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the pluginUri argument. |
| CVE-2020-7632 | | — | 0.00 | — | 0.01 | | Apr 6, 2020 | node-mpv through 1.4.3 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument. |
| CVE-2020-7631 | | — | 0.00 | — | 0.01 | | Apr 6, 2020 | diskusage-ng through 0.2.4 is vulnerable to Command Injection. It allows execution of arbitrary commands via the path argument. |
| CVE-2020-7630 | | — | 0.00 | — | 0.01 | | Apr 2, 2020 | git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument. |
| CVE-2020-7629 | | — | 0.00 | — | 0.01 | | Apr 2, 2020 | install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument. |
| CVE-2020-7628 | | — | 0.00 | — | 0.01 | | Apr 2, 2020 | umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization. |
| CVE-2020-7627 | | — | 0.00 | — | 0.01 | | Apr 2, 2020 | node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the 'arrParams' argument in the 'execute()' function. |
| CVE-2020-7626 | | — | 0.00 | — | 0.01 | | Apr 2, 2020 | karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument. |