CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
6,017 vulnerabilities with CWE-78
CVE-2022-24389
HIGH
Fidelis Network & Deception <9.4.5 - Command Injection
CVSS 8.8
CVE-2022-24388
HIGH
Fidelis Network & Deception <9.4.5 - Command Injection
CVSS 8.8
CVE-2022-23673
HIGH
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 7.2
CVE-2022-23672
HIGH
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 7.2
CVE-2022-23667
HIGH
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 7.2
CVE-2022-23666
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-23665
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-23664
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-23663
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-23662
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-23661
CRITICAL
Aruba ClearPass Policy Manager <= 6.10.4, <= 6.9.9, <= 6.8.9-HF2, <= 6.7.x - Authenticated Remote Command Injection
CVSS 9.1
CVE-2022-26518
HIGH
InHand Networks InRouter302 V3.5.37 - Command Injection
CVSS 8.8
CVE-2022-26420
HIGH
InHand Networks InRouter302 V3.5.37 - Command Injection
CVSS 8.8
CVE-2022-26085
HIGH
InHand Networks InRouter302 V3.5.4 - Command Injection
CVSS 8.8
CVE-2022-26075
HIGH
InHand Networks InRouter302 V3.5.37 - Command Injection
CVSS 8.8
CVE-2022-26042
HIGH
InHand Networks InRouter302 V3.5.4 - Command Injection
CVSS 8.8
CVE-2022-26007
HIGH
InHand Networks InRouter302 V3.5.4 - Command Injection
CVSS 7.2
CVE-2022-29303
CRITICAL
KEV
SolarView Compact 6.00 - Command Injection
CVSS 9.8
CVE-2022-29539
CRITICAL
RESI Gemini-Net 4.2 - Unauthenticated OS Command Injection via Input Parameter
CVSS 9.8
CVE-2022-30525
CRITICAL
KEV
Zyxel Firewall SUID Binary Privilege Escalation
CVSS 9.8
CVE-2022-22454
HIGH
IBM InfoSphere Information Server 11.7 - Command Injection
CVSS 7.8
CVE-2022-28915
CRITICAL
D-Link DIR-816 A2_v1.10CNB04 - Command Injection
CVSS 9.8
CVE-2022-28913
CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 - Command Injection
CVSS 9.8
CVE-2022-28912
CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 - Command Injection
CVSS 9.8
CVE-2022-28911
CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 - Command Injection
CVSS 9.8
Details
Vulnerabilities
6,017
Exploit Likelihood
High