CVE-2022-37921

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

CVE-2022-31161

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

CVE-2017-18378

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $GET'uploaddir' is not escaped and is passed to system through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...

CVE-2020-7879

This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...

CVE-2024-34361

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the gravityDownloadBlocklistFromUrl function. Depending on some...

CVE-2024-41134

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...

PT-2026-2237

CVE-2026-22634 - Apache HTTP Server Unauthenticated Remote Command Execution CVE ID : CVE-2026-22634 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

CVE-2017-20216

FLIR Thermal Camera PT-Series firmware version 8.0.0.64 contains multiple unauthenticated remote command injection vulnerabilities in the controllerFlirSystem.php script. Attackers can execute arbitrary system commands as root by exploiting unsanitized POST parameters in the execFlirSystem functi...

CVE-2019-25289 INIM Electronics SmartLiving SmartLAN/G/SI <=6.x Remote Command Execution

SmartLiving SmartLAN =6.x contains an authenticated remote command injection vulnerability in the web.cgi binary through the 'par' POST parameter with the 'testemail' module. Attackers can exploit the unsanitized parameter and system function call to execute arbitrary system commands with root...

CVE-2013-6027

Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long set/runtime/diagnostic/pingIp parameter to Tools/toolsmisc.xgi...

CVE-2013-6349

McAfee Email Gateway MEG 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

CVE-2022-27945

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...

CVE-2022-27946

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...

CVE-1999-0241

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm...

CVE-1999-0360

MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely...

CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands...

CVE-1999-0067

phf CGI program allows remote command execution through shell metacharacters...

CVE-1999-0931

Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands...

CVE-1999-0256

Buffer overflow in War FTP allows remote execution of commands...

CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands...