VYPR

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Base · Draft

Description

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-137 · CAPEC-174 · CAPEC-41 · CAPEC-460 · CAPEC-88

CVEs mapped to this weakness (169)

page 2 of 9
  • CVE-2025-49520 · High · Jun 30, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In…

  • CVE-2018-0345 · High · Jul 18, 2018
    risk 0.57 · cvss 8.8 · epss 0.03

    A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The…

  • CVE-2017-1001003 · Critical · Nov 27, 2017
    risk 0.57 · cvss 9.8 · epss 0.02

    math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.

  • CVE-2025-47421 · High · Sep 3, 2025
    risk 0.56 · cvss n/a · epss 0.00

    Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in CRESTRON TOUCHSCREENS x70 allows Argument Injection. This issue affects TOUCHSCREENS x70: from 3.001.0031.001 through 3.001.0034.001. A specially crafted SCP command sent via SSH…

  • CVE-2024-22182 · High · Mar 1, 2024
    risk 0.56 · cvss 8.6 · epss 0.01

    A remote, unauthenticated attacker may be able to send crafted messages to the web server of the Commend WS203VICM causing the system to restart, interrupting service.

  • CVE-2025-46835 · High · Jul 10, 2025
    risk 0.55 · cvss 8.5 · epss 0.00

    Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user…

  • CVE-2025-49008 · Critical · Jun 5, 2025
    risk 0.54 · cvss n/a · epss 0.01

    Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows argument injection, leading to arbitrary command execution. Atheos administrators and…

  • CVE-2026-41013 · High · Jun 1, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control…

  • CVE-2026-43893 · High · May 11, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    exiftool-vendored provides cross-platform Node.js access to ExifTool. Prior to 35.19.0, exiftool-vendored starts ExifTool in -stay_open True -@ - mode, where arguments are read from stdin one per line. In affected versions, several caller-supplied strings were interpolated into…

  • CVE-2023-6634 · High · Jan 11, 2024
    risk 0.53 · cvss 8.1 · epss 0.09

    The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated…

  • CVE-2018-13386 · High · Jul 24, 2018
    risk 0.53 · cvss 8.1 · epss 0.02

    There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.…

  • CVE-2026-45158 · Critical · May 13, 2026
    risk 0.52 · cvss 9.1 · epss 0.01

    OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system.…

  • CVE-2026-44193 · Critical · May 13, 2026
    risk 0.52 · cvss 9.1 · epss 0.01

    OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7.

  • CVE-2026-35033 · Critical · Apr 14, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenticated arbitrary file read vulnerability via ffmpeg argument injection through the StreamOptions query parameter parsing mechanism. The ParseStreamOptions method in…

  • CVE-2026-52750 · High · Jun 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.01

    Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embedding malicious URLs in program comments…

  • CVE-2026-4145 · High · Apr 15, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges.

  • CVE-2026-0634 · High · Apr 2, 2026
    risk 0.51 · cvss 7.8 · epss 0.01

    Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection.

  • CVE-2025-0065 · High · Jan 28, 2025
    risk 0.51 · cvss 7.8 · epss 0.01

    Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior to version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.

  • CVE-2026-47114 · High · May 21, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via…

  • CVE-2026-42266 · High · May 13, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced…