Total
5163 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25607 | 1 Fortinet | 3 Fortiadc, Fortianalyzer, Fortimanager | 2025-12-16 | 7.4 High |
| An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions and FortiADC 7.1.0, 7.0.0 through 7.0.3, 6.2 all versions, 6.1 all versions, 6.0 all versions management interface may allow an authenticated attacker with at least READ permissions on system settings to execute arbitrary commands on the underlying shell due to an unsafe usage of the wordexp function. | ||||
| CVE-2024-20720 | 1 Adobe | 1 Commerce | 2025-12-16 | 9.1 Critical |
| Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. | ||||
| CVE-2024-2389 | 1 Progress | 2 Flowmon, Flowmon Os | 2025-12-16 | 10 Critical |
| In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands. | ||||
| CVE-2022-35849 | 1 Fortinet | 1 Fortiadc | 2025-12-16 | 7.4 High |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | ||||
| CVE-2024-58294 | 2 Freepbx, Sangoma | 2 Freepbx, Freepbx | 2025-12-16 | 8.8 High |
| FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to establish remote shell access. | ||||
| CVE-2025-29269 | 1 Allnet | 2 All-rut22gw, All-rut22gw Firmware | 2025-12-16 | 9.8 Critical |
| ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint. | ||||
| CVE-2024-29189 | 1 Ansys | 1 Pyansys Geometry | 2025-12-15 | 7.4 High |
| PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/product_instance.py, upon calling this method _start_program directly, users could exploit its usage to perform malicious operations on the current machine where the script is ran. This vulnerability is fixed in 0.3.3 and 0.4.12. | ||||
| CVE-2025-56129 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2025-12-15 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_diagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis.lua. | ||||
| CVE-2025-36354 | 1 Ibm | 4 Security Verify Access, Security Verify Access Docker, Verify Identity Access and 1 more | 2025-12-15 | 7.3 High |
| IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input. | ||||
| CVE-2025-13481 | 2 Ibm, Linux | 2 Aspera Orchestrator, Linux Kernel | 2025-12-15 | 8.8 High |
| IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input. | ||||
| CVE-2024-58314 | 1 Atcom | 1 100m Ip Phones | 2025-12-15 | 8.8 High |
| Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerability in the web configuration CGI script that allows attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'cmd' parameter in web_cgi_main.cgi, enabling remote code execution with administrative credentials. | ||||
| CVE-2024-14010 | 1 Typora | 1 Typora | 2025-12-15 | 9.8 Critical |
| Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution. | ||||
| CVE-2024-58286 | 1 Vexorian | 1 Dizquetv | 2025-12-15 | N/A |
| dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation. | ||||
| CVE-2025-8693 | 1 Zyxel | 108 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 105 more | 2025-12-15 | 8.8 High |
| A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device. | ||||
| CVE-2025-11490 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.3 Medium |
| A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." | ||||
| CVE-2025-11491 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.3 Medium |
| A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-56123 | 1 Ruijie | 1 Rg-ew1200g Pro | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56113 | 1 Ruijie | 2 Rg-yst Est, Ystap | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | ||||
| CVE-2025-56110 | 1 Ruijie | 1 Rg-bcr860 | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI.lua. | ||||
| CVE-2025-56109 | 1 Ruijie | 1 Rg-bcr860 | 2025-12-12 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua. | ||||