CWE-78
High likelihoodImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
6,055 vulnerabilities with CWE-78
CVE-2017-6714
CRITICAL
Cisco Ultra Services Framework Staging Server <5.0.3-5.1 - RCE
CVSS 9.8
CVE-2017-6712
HIGH
Cisco Elastic Services Controller - Authenticated Privilege Escalation and OS Command Injection via Tomcat User
CVSS 8.8
CVE-2017-6707
HIGH
Cisco StarOS 11.0-21.0 - Authenticated OS Command Injection via CLI Command Parsing
CVSS 8.2
CVE-2017-1253
CRITICAL
IBM Security Guardium 10.0 - Authenticated OS Command Injection
CVSS 9.9
CVE-2017-8116
CRITICAL
Teltonika RUT9XX Firmware < 00.03.265 - Unauthenticated Remote Code Execution via Username Parameter
CVSS 9.8
CVE-2017-2850
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Username Change
CVSS 8.8
CVE-2017-2849
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via NTP Server Configuration
CVSS 8.8
CVE-2017-2848
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Manual Network Configuration
CVSS 8.8
CVE-2017-2847
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Manual Network Configuration
CVSS 8.8
CVE-2017-2846
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Network Configuration
CVSS 8.8
CVE-2017-2845
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via SMTP Configuration Test
CVSS 8.8
CVE-2017-2844
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via msmtprc Configuration File
CVSS 8.8
CVE-2017-2843
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via msmtprc Configuration File
CVSS 8.8
CVE-2017-2842
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via msmtprc Configuration File
CVSS 8.8
CVE-2017-2841
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via msmtprc Configuration File
CVSS 8.8
CVE-2017-9828
CRITICAL
VIVOTEK Network Cameras - Command Injection
CVSS 9.8
CVE-2017-2828
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Account Creation
CVSS 8.8
CVE-2017-2827
HIGH
Foscam C1 Indoor HD Camera Firmware 2.52.2.37 - OS Command Injection via Account Creation
CVSS 8.8
CVE-2017-9757
HIGH
IPFire < 2.19 - Authenticated Remote Command Injection via OINKCODE Parameter
CVSS 8.8
CVE-2017-9736
CRITICAL
SPIP 3.1.x < 3.1.6 and 3.2.x < Beta 3 - Remote Code Execution via Host Field
CVSS 9.8
CVE-2017-6683
HIGH
Cisco Elastic Services Controller 2.2(9.76) - Authenticated Remote Code Execution via esc_listener.py
CVSS 8.8
CVE-2017-6682
HIGH
Cisco Elastic Services Controller 2.2(9.76) - Authenticated OS Command Injection via ConfD CLI
CVSS 8.8
CVE-2017-2824
HIGH
Zabbix Server 2.4.X - Remote Code Execution via Trapper Command Injection
CVSS 8.1
CVE-2017-5173
CRITICAL
Geutebruck IP Camera G-Cam/EFD-2250 <1.11.0.12 - Command Injection
CVSS 9.8
CVE-2017-8799
CRITICAL
iRODS < 4.1.11 and 4.2.1 - Remote Code Execution via igetwild Virtual Pathname
CVSS 9.8
Details
Vulnerabilities
6,055
Exploit Likelihood
High