Design/Logic Flaw

The processCommandUploadLog function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

Design/Logic Flaw

The processCommandSetMac function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

CVE-2018-11805

In Apache SpamAssassin, multiple CVEs (notably CVE-2018-11805 and CVE-2020-1930) describe a command-execution flaw in which crafted configuration files (.cf) can run system commands with same privileges as the spamd process. The root cause is untrusted or crafted rule/config files enabling local ...

Amazon Blink XT2 Sync Module OS Command Injection Vulnerability (CNVD-2020-09704)

Blink XT2 Sync Module is a camera synchronization device. Amazon Blink XT2 Sync Module suffers from an operating system command injection vulnerability. The vulnerability arises from a network system or product not properly filtering special characters, commands, etc. from external input data...

FusionPBX Command exec.php Command Execution

This module uses administrative functionality available in FusionPBX to gain a shell. The Command section of the application permits users with execview permissions, or superadmin permissions, to execute arbitrary system commands, or arbitrary PHP code, as the web server user. This module has bee...

CVE-2019-16663

CVE-2019-16663 affects rConfig 3.9.2. An attacker can directly execute system commands by issuing a GET to search.crud.php, where the category command parameter (catCommand) is passed to exec without proper filtering, enabling command execution. The description specifies remote code execution via...

CVE-2019-13652

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection issue 4 of 5...

Code injection

DISPUTED An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an...

CVE-2019-14423

CVE-2019-14423 affects the CUx-Daemon addon (version 1.11a) used by eQ-3 Homematic CCU-Firmware, impacting firmware 2.35.16 up to 2.45.6. The issue enables remote authenticated attackers to execute system commands as root over a simple HTTP request due to the described RCE vulnerability. Source d...

PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass

= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...

CVE-2019-15029

CVE-2019-15029 affects FusionPBX 4.4.8. An attacker can execute arbitrary system commands by submitting a malicious command to the service_edit.php file (command stored in the database). Trigger relies on calling services.php via a GET request with the service id and a=start to execute the stored...

CVE-2019-1984

A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software NFVIS could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system OS of an affected device. The vulnerability is due to improper input...

CVE-2019-1984

Cisco NFVIS contains an input validation error in the NFVIS file-system command that, when exploited by an authenticated administrator, can overwrite arbitrary files on the underlying OS. The vulnerability affects Cisco NFVIS versions prior to 3.12.1 (as reported by CNVD) and is addressed by soft...

CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...

Linux Mint 18.3-19.1 - yelp Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...

CVE-2019-7670

Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which could allow attackers to execute commands directly on the operating system...

Extract add-on for Nextcloud OS Command Injection Vulnerability

Extract add-on for Nextcloud is a set of component applications for Netcloud. An input validation vulnerability exists in Extract add-on for Nextcloud lib/Controller/ExtractionController.php, which allows remote attackers to submit a special request that can be used to execute arbitrary OS comman...

CVE-2018-7829

The CVE-2018-7829 entry affects Schneider Electric Pelco Sarix/Spectra Cameras (Sarix Enhanced and Spectra Enhanced PTZ) with an improper neutralization of special elements in a query that enables an attacker to execute arbitrary OS commands. The ZeroScience ZSL-2017 report details an authenticat...

CVE-2019-10916

CVE-2019-10916 affects Siemens SIMATIC PCS7 and WinCC/TIA Portal products (multiple versions). The root cause is SQL Injection in the project file handling, allowing an attacker who can access the project file to run arbitrary commands with the local database server’s privileges, impacting confid...

Gemalto Ezio Server Operating System Command Injection Vulnerability

Gemalto Ezio Server is an authentication server from Gemalto USA. An operating system command injection vulnerability exists in Gemalto Ezio Server versions prior to 3.1.0, which can be exploited by an attacker to execute illegal operating system commands...