9810 matches found
CVE-2021-37346
Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS command (OS command injection)...
CVE-2021-36380
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...
CVE-2021-36982
AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request...
CVE-2020-25560
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...
Hardcoded credentials
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server...
CVE-2020-25565
CVE-2020-25565 affects SapphireIMS 5.0. The issue is a hardcoded credential (username: sapphire, password: ims) that grants portal access. Once accessed, an attacker can inject malicious OS commands via the server-side functions for ping, traceroute, and snmp, enabling code execution on the serve...
CVE-2020-25560
CVE-2020-25560 affects SapphireIMS 5.0. The vulnerability arises from hardcoded credentials (username: sapphire, password: ims) that allow unauthenticated access to the portal. Once access is gained, an attacker can inject OS commands via the server-side functions for ping, traceroute, and SNMP, ...
CVE-2021-3045
An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14;...
CVE-2021-3050
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;...
CVE-2021-3050
The CVE-2021-3050 issue affects Palo Alto Networks PAN-OS web interface where an authenticated administrator can trigger OS command injection. Affects PAN-OS 9.0.10–9.0.14; 9.1.4–9.1.10; 10.0.7 and earlier; 10.1.0–10.1.1. Prisma Access/firewalls running PAN-OS 8.1 are not impacted. Exploitation r...
OS Command Injection
topthink/think is vulnerable to OS command injection. An attacker is able to inject malicious PHP code via /library/think/App.php...
CVE-2021-21585
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands...
CVE-2021-21585
CVE-2021-21585 affects Dell OpenManage Enterprise (prior to 3.6.1). The vulnerability is an OS command injection in the RACADM and IPMI tools. An authenticated remote attacker with high privileges could potentially exploit this flaw to execute arbitrary OS commands on affected systems. The issue ...
CVE-2021-21805
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability...