
1208 matches found

CNNVD
added 2025/05/07 12:00 a.m. | 2 views

F5 iControl REST and F5 BIG-IP TMOS Shell Command Injection Vulnerability

F5 iControl REST and F5 BIG-IP TMOS Shell are both products of F5 Corporation, U.S.A. F5 iControl REST is a development framework, and F5 BIG-IP TMOS Shell is a command line. A command injection vulnerability exists in F5 iControl REST and F5 BIG-IP TMOS Shell that stems from command injection an...

CVSS 8.7 | AI score 8.9 | EPSS 0.006
Exploits: 1 | References: 2
CNNVD
added 2025/04/19 12:00 a.m. | 2 views

CicadasCMS Command Injection Vulnerability

CicadasCMS is a content management framework based on SpringBoot, Mybatis, SpringSecurity and Vue, developed by westboy, an individual developer in China. A command injection vulnerability exists in CicadasCMS version 2.0, which stems from an OS command injection issue in the schedule component of file...

CVSS 7.2 | AI score 5.5 | EPSS 0.0088
Exploits: 1 | References: 4
ATTACKERKB
added 2025/04/17 5:15 p.m. | 0 views

CVE-2025-2947

IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system...

CVSS 9.8 | AI score 5.8 | EPSS 0.00167
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2025/04/17 5:15 p.m. | 1 views

CVE-2025-2947

IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 1
IBM Security Bulletins
added 2025/04/15 3:19 a.m. | 27 views

Security Bulletin: Multiple vulnerabilities in XCC affect Cloud Pak System

Summary Multiple vulnerabilities in XCC affect Cloud Pak System. Vulnerability Details CVEID:CVE-2024-8281 DESCRIPTION: Lenovo XClarity Controller could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an input validation weakness. An attacker could...

CVSS 7.2 | AI score 7.9 | EPSS 0.00438
Exploits: 0 | Affected Software: 1
Exploit DB
added 2025/04/11 12:00 a.m. | 135 views

ABB Cylon FLXeon 9.3.4 - Remote Code Execution (RCE)

Exploit title: ABB Cylon FLXeon 9.3.4 - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building Controller...

CVSS 10 | AI score 9 | EPSS 0.06246
Exploits: 18
CNNVD
added 2025/04/09 12:00 a.m. | 1 views

Inaba Denki Sangyo Wi-Fi AP UNIT Operating System Command Injection Vulnerability

The Inaba Denki Sangyo Wi-Fi AP UNIT is a Wi-Fi AP unit from Inaba Denki Sangyo, a Japanese company. An operating system command injection vulnerability exists in Inaba Denki Sangyo Wi-Fi AP UNIT v2.0.03P and prior versions, which stems from a service-specific operating system command injection...

CVSS 9.8 | AI score 9.6 | EPSS 0.01651
Exploits: 0 | References: 2
CNNVD
added 2025/04/08 12:00 a.m. | 2 views

Fortinet FortiIsolator Operating System Command Injection Vulnerability

Fortinet FortiIsolator is a Fortinet application that provides remote security isolation capabilities for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects critical business data from sophisticated threats on the Web...

CVSS 7.2 | AI score 7.5 | EPSS 0.00366
Exploits: 0 | References: 3
GithubExploit
added 2025/03/30 1:33 p.m. | 162 views

Exploit for Out-of-bounds Write in Gibbonedu Gibbon

CVE-2023-45878 GibbonEdu Arbitrary File Write to Web Shell...

CVSS 9.8 | AI score 9.9 | EPSS 0.92556
Exploits: 8
ATTACKERKB
added 2025/03/28 3:15 a.m. | 2 views

CVE-2025-24377

Dell Unity, versions 5.4 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVSS 7.8 | AI score 6 | EPSS 0.00158
Exploits: 0 | References: 2
ATTACKERKB
added 2025/03/28 2:15 a.m. | 1 views

CVE-2025-22398

Dell Unity, versions 5.4 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root...

CVSS 9.8 | AI score 6.1 | EPSS 0.00338
Exploits: 0 | References: 2
ATTACKERKB
added 2025/03/28 2:15 a.m. | 0 views

CVE-2025-24383

Dell Unity, versions 5.4 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is...

CVSS 9.1 | AI score 5.9 | EPSS 0.02462
Exploits: 0 | References: 2
CNNVD
added 2025/03/11 12:00 a.m. | 1 views

Zyxel VMG8825-T50K Operating System Command Injection Vulnerability

The Zyxel VMG8825-T50K is an Internet access device from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel VMG8825-T50K V5.50ABOM.8.5C0 and earlier versions, which stems from a command injection in the DNSServer parameter in the diagnostic function, which...

CVSS 7.2 | AI score 7.5 | EPSS 0.0034
Exploits: 0 | References: 3
VulnCheck KEV
added 2025/03/07 12:00 a.m. | 2 views

VulnCheck KEV: CVE-2025-1316

Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue...

CVSS 9.8 | AI score 7.8 | EPSS 0.86745
Exploits: 2 | References: 1
Tenable Nessus
added 2025/03/05 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-36100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Specially crafted string in OTRS system configuration can allow the execution of any system command. CVE-2021-36100 Note that Nessus relies on the presence of t...

CVSS 9 | AI score 6.3 | EPSS 0.0072
Exploits: 0 | References: 3
CNNVD
added 2025/03/05 12:00 a.m. | 3 views

Edimax IC-7100 Operating System Command Injection Vulnerability

Edimax IC-7100 is a security camera from China Xunzhou Edimax. The Edimax IC-7100 IP Camera suffers from an operating system command injection vulnerability that stems from an improperly neutralized request and could lead to remote code execution...

CVSS 9.8 | AI score 10 | EPSS 0.86745
Exploits: 2 | References: 2
Tenable Nessus
added 2025/03/04 12:00 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-1930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run...

CVSS 9.3 | AI score 6.5 | EPSS 0.00965
Exploits: 0 | References: 2
Japan Vulnerability Notes
added 2025/02/14 7:39 a.m. | 2 views

acmailer CGI and acmailer DB vulnerable to OS command injection

Overview acmailer CGI and acmailer DB provided by Extra Innovation Inc. contain an OS command injection vulnerability CWE-78. Extra Innovation Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Extra Innovation Inc. coordinated under the...

CVSS 9.8 | AI score 7.5 | EPSS 0.00456
Exploits: 0 | References: 7
OSV
added 2025/02/11 5:15 p.m. | 5 views

CVE-2024-50567

An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb 7.4.0 through 7.6.0 allows attacker to execute unauthorized code or commands via crafted input...

CVSS 7.2 | AI score 5.9 | EPSS 0.00154
Exploits: 0 | References: 1
CNNVD
added 2025/02/11 12:00 a.m. | 2 views

Fortinet FortiWeb Operating System Command Injection Vulnerability

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. Fortinet FortiWeb suffers from an operating...

CVSS 7.2 | AI score 7.6 | EPSS 0.0013
Exploits: 0 | References: 1