CVE-2025-56130

The CVE-2025-56130 affects Ruijie RG-S1930 series switches (S1930SWITCH_3.0(1)B11P230). AOS vulnerability: OS Command Injection via a crafted POST to the module_update endpoint in /usr/local/lua/dev_config/ace_sw.lua. Impact is arbitrary command execution with high severity (CVSS 3.1: AV:N/AC:L/P...

CVE-2025-56124

CVE-2025-56124 affects Ruijie X60 PRO routers (V1.00–V2.00). The vulnerability is an OS Command Injection in the module_get function invoked via a crafted POST to /usr/local/lua/dev_sta/networkConnect.lua, allowing an attacker to execute arbitrary commands with local privileges. Multiple sources ...

CVE-2025-56092

CVE-2025-56092 affects Ruijie X30 PRO V1 (X30-PRO-V1_09241521). The vulnerability is an OS Command Injection in the module_get function located at /usr/local/lua/dev_sta/networkConnect.lua, triggered by a crafted POST request. The CVE details indicate an attacker can execute arbitrary commands wi...

CVE-2025-64153

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized...

Selea Targa IP OCR-ANPR Camera 操作系统命令注入漏洞

Selea Targa IP OCR-ANPR Camera is an IP camera from Selea. The Selea Targa IP OCR-ANPR Camera suffers from an operating system command injection vulnerability that stems from a command injection issue with the addr and port parameters in utils.php, which could lead to the execution of arbitrary...

Exploit for OS Command Injection in Clam_Anti-Virus Clamav

Sendmail + ClamAV-Milter Exploit CVE-2007-4560 Python RCE e...

CVE-2025-14092

A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...

CVE-2025-14094

Edimax BR-6478AC V3 (firmware 1.0.15) is affected by an OS command injection in the function sub_44CCE4 of /boafrm/formSysCmd. The vulnerability arises from manipulating the sysCmd argument, enabling remote execution of commands. Public exploit code exists, and multiple sources confirm the attack...

CVE-2025-29269

ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint...

PT-2025-48189

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-657BRM version 1.00.1 Description The TRENDnet TEW-657BRM device version 1.00.1 contains an authenticated remote OS command injection issue in the setup.cgi binary. An attacker can exploit this by manipulating the HTTP parameters...

Dynatrace ActiveGate 安全漏洞

Dynatrace ActiveGate is a gateway component in a monitoring platform from Dynatrace USA. A security vulnerability exists in Dynatrace ActiveGate version 1.016 and earlier, which stems from improper handling of specially crafted ip addresses and could lead to an OS command injection attack...

CVE-2025-46422

Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges...

CVE-2025-46423

CVE-2025-46423: Dell Unity OS (version 5.5 and earlier) contains an OS Command Injection due to improper neutralization of special elements in commands. A low-privileged attacker with local access could potentially execute arbitrary commands with root privileges. Affected product/versions: Dell U...

CVE-2025-46423

Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges...

CVE-2025-47901

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5...

Microchip TimeProvider 4100 安全漏洞

Microchip TimeProvider 4100 is a gateway clock from Microchip, Inc. A security vulnerability exists in Microchip TimeProvider 4100 versions prior to 2.5, which stems from improper neutralization of special elements and could lead to OS command injection...

Microchip TimeProvider 4100 安全漏洞

Microchip TimeProvider 4100 is a gateway clock from Microchip, Inc. A security vulnerability exists in Microchip TimeProvider 4100 versions prior to 2.5, which stems from improper neutralization of special elements and could lead to OS command injection...

Exploit for CVE-2025-56799

CVE-2025-56799 OS Command Injection Vulnerability via Cach...

EUVD-2025-34858

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...

CVE-2025-5946 RCE via the poller reload feature available only to user with high privilege

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...