CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
6,016 vulnerabilities with CWE-78
CVE-2022-41396
HIGH
Tenda AC1200 Router - Command Injection
CVSS 7.8
CVE-2022-41395
HIGH
Tenda AC1200 Router - Command Injection
CVSS 7.8
CVE-2022-40847
HIGH
Tenda AC1200 Router - Command Injection
CVSS 7.8
CVE-2022-38387
HIGH
IBM Cloud Pak for Security (CP4S) <1.10.2.0 - Command Injection
CVSS 7.1
CVE-2022-35717
HIGH
IBM InfoSphere Information Server 11.7 - Command Injection
CVSS 7.8
CVE-2022-35642
MEDIUM
IBM InfoSphere Information Server 11.7 - XSS
CVSS 5.4
CVE-2022-33870
HIGH
FortiTester <4.2.0 - Command Injection
CVSS 7.8
CVE-2022-40741
CRITICAL
Mail SQR Expert - Unauthenticated OS Command Injection
CVSS 9.8
CVE-2022-44019
HIGH
Total.js < 2022-09-26 - Remote Command Execution via Host Parameter
CVSS 8.8
CVE-2022-37915
CRITICAL
Aruba EdgeConnect Enterprise Orchestrator 9.1.0-9.1.3.40197 - Unauthenticated Remote Code Execution
CVSS 9.8
CVE-2022-42055
MEDIUM
GL.iNet GoodCloud 1.00.220412.00 - OS Command Injection via Ping and Traceroute Tools
CVSS 6.5
CVE-2022-31898
MEDIUM
GL.iNet GL-MT300N-V2 and GL-AX1800 Firmware - OS Command Injection via Ping and Trace Parameters
CVSS 6.8
CVE-2022-42999
HIGH
D-Link DIR-816 A2 1.10 B05 - OS Command Injection via admuser and admpass Parameters
CVSS 7.5
CVE-2022-39327
HIGH
Azure CLI < 2.40.0 - OS Command Injection via PowerShell Special Characters
CVSS 8.1
CVE-2022-39321
HIGH
GitHub Actions Runner OS Command Injection via Docker CLI Environment Variable
CVSS 8.8
CVE-2022-35132
HIGH
Usermin < 1.850 - Authenticated OS Command Injection via GPG Module Filename
CVSS 8.8
CVE-2022-34850
HIGH
Robustel R1510 Firmware 3.1.16 and 3.3.0 - OS Command Injection via Import Authorized Keys Endpoint
CVSS 7.2
CVE-2022-33207
CRITICAL
Abode Systems, Inc. iota - Command Injection
CVSS 9.9
CVE-2022-33206
CRITICAL
Abode Systems iota - Command Injection
CVSS 9.9
CVE-2022-33205
CRITICAL
Abode Systems iota - Command Injection
CVSS 9.9
CVE-2022-33204
CRITICAL
Abode Systems iota - Command Injection
CVSS 9.9
CVE-2022-33195
CRITICAL
Abode Systems iota - Command Injection
CVSS 10.0
CVE-2022-33194
CRITICAL
Abode Systems, Inc. iota All-In-One Security Kit <6.9X,6.9Z - Comma...
CVSS 10.0
CVE-2022-33193
CRITICAL
Abode Systems, Inc. iota - Command Injection
CVSS 10.0
CVE-2022-33192
CRITICAL
Abode Systems, Inc. iota - Command Injection
CVSS 10.0
Details
Vulnerabilities
6,016
Exploit Likelihood
High