CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Description
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-137 · CAPEC-174 · CAPEC-41 · CAPEC-460 · CAPEC-88
CVEs mapped to this weakness (169)
page 6 of 9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0113 | 0.04 | — | 0.17 | May 23, 1994 | Some implementations of rlogin allow root access if given a -froot parameter. | |||
| CVE-2006-6597 | 0.03 | — | 0.02 | Dec 15, 2006 | Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe. | |||
| CVE-2022-23221 | — | 0.02 | — | 0.65 | Jan 19, 2022 | H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392. | ||
| CVE-2006-4692 | 0.02 | — | 0.27 | Oct 10, 2006 | Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote user-assisted attackers to execute arbitrary commands via a crafted file with a "/" (slash) character in the filename… | |||
| CVE-2003-0907 | 0.02 | — | 0.22 | Jun 1, 2004 | Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe. | |||
| CVE-2006-2056 | 0.01 | — | 0.13 | Apr 26, 2006 | Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook… | |||
| CVE-2006-2055 | 0.01 | — | 0.15 | Apr 26, 2006 | Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an… | |||
| CVE-2004-0480 | 0.01 | — | 0.09 | Dec 6, 2004 | Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. | |||
| CVE-2004-0489 | 0.01 | — | 0.07 | Jul 7, 2004 | Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. | |||
| CVE-2004-0411 | 0.01 | — | 0.08 | Jul 7, 2004 | The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs,… | |||
| CVE-2026-12530 | 0.00 | — | 0.00 | Jun 17, 2026 | Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name… | |||
| CVE-2026-44210 | 0.00 | — | 0.00 | May 26, 2026 | ## Summary Kata Containers ships with a default configuration that allows pod creators to inject arbitrary command-line arguments into the virtiofsd process through the `io.katacontainers.config.hypervisor.virtio_fs_extra_args` pod annotation. By injecting `-o source=/` along… | |||
| CVE-2026-44968 | 0.00 | — | 0.00 | May 14, 2026 | *Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation.** ## Summary `_run_dbt_command()` in `src/dbt_mcp/dbt_cli/tools.py` constructs the dbt subprocess argument list by appending user-supplied MCP tool parameters… | |||
| CVE-2026-29608 | 0.00 | — | 0.00 | Mar 19, 2026 | OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different… | |||
| CVE-2026-22168 | 0.00 | — | 0.00 | Mar 18, 2026 | OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle… | |||
| CVE-2026-28470 | 0.00 | — | 0.00 | Mar 5, 2026 | OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $()… | |||
| CVE-2026-26194 | 0.00 | — | 0.00 | Mar 5, 2026 | Gogs is an open source self-hosted Git service. Prior to version 0.14.2, there's a security issue in gogs where deleting a release can fail if a user controlled tag name is passed to git without the right separator, this lets git options get injected and mess with the process.… | |||
| CVE-2026-24126 | 0.00 | — | 0.00 | Feb 18, 2026 | Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh-add`. Version 5.16.0 fixes the issue. As a workaround, properly limit access… | |||
| CVE-2026-24739 | 0.00 | — | 0.00 | Jan 28, 2026 | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping… | |||
| CVE-2025-59937 | — | 0.00 | — | 0.01 | Sep 29, 2025 | go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a… |
- CVE-1999-0113May 23, 1994risk 0.04cvss —epss 0.17
Some implementations of rlogin allow root access if given a -froot parameter.
- CVE-2006-6597Dec 15, 2006risk 0.03cvss —epss 0.02
Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe.
- CVE-2022-23221Jan 19, 2022risk 0.02cvss —epss 0.65
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.
- CVE-2006-4692Oct 10, 2006risk 0.02cvss —epss 0.27
Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote user-assisted attackers to execute arbitrary commands via a crafted file with a "/" (slash) character in the filename…
- CVE-2003-0907Jun 1, 2004risk 0.02cvss —epss 0.22
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
- CVE-2006-2056Apr 26, 2006risk 0.01cvss —epss 0.13
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook…
- CVE-2006-2055Apr 26, 2006risk 0.01cvss —epss 0.15
Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an…
- CVE-2004-0480Dec 6, 2004risk 0.01cvss —epss 0.09
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.
- CVE-2004-0489Jul 7, 2004risk 0.01cvss —epss 0.07
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.
- CVE-2004-0411Jul 7, 2004risk 0.01cvss —epss 0.08
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs,…
- CVE-2026-12530Jun 17, 2026risk 0.00cvss —epss 0.00
Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name…
- CVE-2026-44210May 26, 2026risk 0.00cvss —epss 0.00
## Summary Kata Containers ships with a default configuration that allows pod creators to inject arbitrary command-line arguments into the virtiofsd process through the `io.katacontainers.config.hypervisor.virtio_fs_extra_args` pod annotation. By injecting `-o source=/` along…
- CVE-2026-44968May 14, 2026risk 0.00cvss —epss 0.00
*Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation.** ## Summary `_run_dbt_command()` in `src/dbt_mcp/dbt_cli/tools.py` constructs the dbt subprocess argument list by appending user-supplied MCP tool parameters…
- CVE-2026-29608Mar 19, 2026risk 0.00cvss —epss 0.00
OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different…
- CVE-2026-22168Mar 18, 2026risk 0.00cvss —epss 0.00
OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle…
- CVE-2026-28470Mar 5, 2026risk 0.00cvss —epss 0.00
OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $()…
- CVE-2026-26194Mar 5, 2026risk 0.00cvss —epss 0.00
Gogs is an open source self-hosted Git service. Prior to version 0.14.2, there's a security issue in gogs where deleting a release can fail if a user controlled tag name is passed to git without the right separator, this lets git options get injected and mess with the process.…
- CVE-2026-24126Feb 18, 2026risk 0.00cvss —epss 0.00
Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh-add`. Version 5.16.0 fixes the issue. As a workaround, properly limit access…
- CVE-2026-24739Jan 28, 2026risk 0.00cvss —epss 0.00
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping…
- CVE-2025-59937Sep 29, 2025risk 0.00cvss —epss 0.01
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a…