CVE-2024-57018

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg...

NEC Aterm WX1500HP 操作系统命令注入漏洞

The NEC Aterm WX1500HP is a wireless router from Nippon Electric NEC. An operating system command injection vulnerability exists in NEC Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier, which originates from allowing an attacker to execute arbitrary OS commands over the...

Fortinet FortiVoice 操作系统命令注入漏洞

Fortinet FortiVoice is a network communications solution from Fortinet, Inc. Fortinet FortiVoice suffers from an operating system command injection vulnerability that arises from an improper neutralization of special elements used in operating system commands, which can be exploited by an attacke...

Tiki wiki cms 操作系统命令注入漏洞

Tiki wiki cms is a website CMS. An operating system command injection vulnerability exists in versions of Tiki Wiki CMS prior to version 28, which stems from an improper neutralization of special elements used in operating system commands, resulting in an operating system command injection...

CVE-2024-50369

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

LogSign Unified SecOps Platform 操作系统命令注入漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...

MC Technologies MC LR Router 操作系统命令注入漏洞

MC Technologies MC LR Router is a router from MC Technologies, Germany. An operating system command injection vulnerability exists in MC Technologies MC LR Router version 2.10.5, which stems from an OS command injection in the I/O configuration function of the web interface, which could lead to...

PT-2024-33257 · Rakuten · Rakuten Turbo 5G

Name of the Vulnerable Software and Affected Versions: Rakuten Turbo 5G firmware versions V1.3.18 and earlier Description: The issue is related to improper neutralization of special elements used in an OS command, also known as 'OS Command Injection'. This could allow a remote authenticated...

CVE-2024-32118

Multiple improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer-BigData...

Fortinet FortiManager和Fortinet FortiAnalyzer 操作系统命令注入漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products of Fortinet, a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains ADOM to further simplify the...

PT-2024-6886

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Expedition affected versions not specified Description An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition. This result...

CVE-2024-41585

DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine...

CVE-2024-7591

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above ECS: All versions Multi-Tenancy: 7.1.35.4 and above...

Zyxel NWA1100-N 操作系统命令注入漏洞

The Zyxel NWA1100-N is a wireless access point from China Heqin Zyxel. An operating system command injection vulnerability exists in the Zyxel NWA1100-N version 1.00AACE.1C0, which stems from the presence of a command injection vulnerability that could allow an unauthenticated attacker to execute...

TOTOLINK AC1200 安全漏洞

The TOTOLINK AC1200 T8 is a dual-band full gigabit router from China's Gion Electronics TOTOLINK. The TOTOLINK AC1200 T8 suffers from an operating system command injection vulnerability that stems from the setDiagnosisCfg method failing to properly filter constructed command special characters,...

CVE-2024-42744

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands...

CVE-2024-6917

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2...

FFRI AMC vulnerable to OS command injection

Overview FFRI AMC provided by FFRI Security, Inc. is a management console for the endpoint security product FFRI yarai and ActSecure X. FFRI AMC contains an OS command injection vulnerability CWE-78. It is exploitable when the notification program setting is enabled, the executable file path is...

Smart PLC AC14xx and Smart PLC AC4xxS Operating System Command Injection Vulnerability

The ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS are a series of hosts/gateways from ifm electronic Germany. An operating system command injection vulnerability exists in Smart PLC AC14xx and Smart PLC AC4xxS versions 4.3.17 and earlier, which originates from a remote...

ELECOM WRC-X5400GS-B和WRC-X5400GSA-B 安全漏洞

The ELECOM WRC-X5400GS-B is a Wi-Fi Gigabit router from ELECOM Japan. A security vulnerability exists in the ELECOM WRC-X5400GS-B v1.0.10 and earlier and WRC-X5400GSA-B v1.0.10 and earlier, which stems from a contained operating system command injection vulnerability...