CWE-78 — OS Command Injection
5,510 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-78 (page 10 of 111)
- CVE-2018-12670 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-10-19
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
- CVE-2018-12692 | HIGH | CVSS 8.8 | EG 8.8 | 2018-06-23
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json.
- CVE-2018-12972 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-29
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
- CVE-2018-13023 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-27
System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter.
- CVE-2018-13284 | HIGH | CVSS 7.5 | EG 8.8 | 2019-04-01
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
- CVE-2018-13285 | HIGH | CVSS 7.5 | EG 8.8 | 2019-04-01
Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
- CVE-2018-13306 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.
- CVE-2018-13307 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable.
- CVE-2018-13311 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-26
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter.
- CVE-2018-13314 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.
- CVE-2018-13316 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.
- CVE-2018-13318 | HIGH | CVSS 7.2 | EG 7.2 | 2018-11-26
System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.
- CVE-2018-13320 | HIGH | CVSS 7.2 | EG 7.2 | 2018-11-26
System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.
- CVE-2018-13330 | HIGH | CVSS 7.2 | EG 7.2 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter.
- CVE-2018-13336 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.
- CVE-2018-13338 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.
- CVE-2018-13353 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter.
- CVE-2018-13354 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-11-27
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.
- CVE-2018-13358 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter.
- CVE-2018-13418 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-27
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter.
- CVE-2018-13797 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-10
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
- CVE-2018-14010 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-15
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.
- CVE-2018-14060 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-15
OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.
- CVE-2018-14354 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or u…
- CVE-2018-14357 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
- CVE-2018-14417 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-08-04
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthentica…
- CVE-2018-14494 | CRITICAL | CVSS 9.8 | EG 9.8 | 2019-07-10
Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability t…
- CVE-2018-14495 | CRITICAL | CVSS 9.8 | EG 9.8 | 2019-07-10
Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the iss…
- CVE-2018-14558 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2018-10-30
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulner…
- CVE-2018-14572 | HIGH | CVSS 7.8 | EG 7.8 | 2018-08-28
In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
- CVE-2018-14699 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-12-03
System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.
- CVE-2018-14701 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-12-03
System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.
- CVE-2018-14706 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-12-03
System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.
- CVE-2018-14772 | HIGH | CVSS 7.2 | EG 7.2 | 2018-10-16
Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection.
- CVE-2018-14839 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2019-05-14
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters.
- CVE-2018-14860 | CRITICAL | CVSS 9.1 | EG 9.1 | 2019-07-03
Improper sanitization of dynamic user expressions in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated privileged users to escape from the dynamic expression sandbox and execute arbitrary code on the…
- CVE-2018-14893 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-27
A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.
- CVE-2018-14933 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2018-08-04
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
- CVE-2018-14998 | MEDIUM | CVSS 6.8 | EG 6.8 | 2018-12-28
The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a hidden root privilege escalation capability to achieve command execution as the root user. They…
- CVE-2018-15007 | HIGH | CVSS 7.8 | EG 7.8 | 2018-12-28
The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper (versionCo…
- CVE-2018-15153 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" g…
- CVE-2018-15154 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/billing/sl_eob_search.php after modifying the "print_command…
- CVE-2018-15155 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/fax_dispatch.php after modifying the "hylafax_enscript" …
- CVE-2018-15156 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the "hylafax_server" global var…
- CVE-2018-15368 | MEDIUM | CVSS 6.7 | EG 6.7 | 2018-10-05
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. T…
- CVE-2018-15380 | HIGH | CVSS 8.8 | EG 8.8 | 2019-02-20
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could…
- CVE-2018-15442 | HIGH | CVSS 7.8 | EG 7.8 | 2018-10-24
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of u…
- CVE-2018-15477 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-08-30
myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.
- CVE-2018-15481 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-21
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges …
- CVE-2018-15484 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-09-07
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.
Map vulnerabilities like CWE-78 to your infrastructure
EchelonGraph correlates every CVE — across CWE-78 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.