CWE-78

Exploit likelihood: High

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

5,967 vulnerabilities with CWE-78
CVE-2025-12742 HIGH
Google Cloud Looker - Authenticated OS Command Injection via Teradata Driver Parameters
CVE-2025-64755 CRITICAL
Claude Code < 2.0.31 - Arbitrary File Write via sed Command Parsing Bypass
CVSS 9.8
CVE-2025-13087 MEDIUM
Opto22 GRV-EPIC and groov RIO < 4.0.3 - Authenticated Remote Code Execution via REST API Header Injection
CVSS 6.2
CVE-2025-12121 HIGH
Lite XL < 2.1.8 - OS Command Injection via system.exec Function
CVSS 7.3
CVE-2025-60738 CRITICAL
Ilevia EVE X1 Server Firmware < 4.7.18.0.eden - RCE
CVSS 9.8
CVE-2025-63932 HIGH
D-Link DIR-868L HNAP SOAPAction - Unauthenticated Command Execution
CVSS 7.3
CVE-2025-34335 HIGH
AudioCodes Fax Server and Auto-Attendant IVR <= 2.6.23 - OS Command Injection
CVSS 8.8
CVE-2025-34334 HIGH
AudioCodes Fax Server and Auto-Attendant IVR <= 2.6.23 - Authenticated OS Command Injection via TestFax.php
CVSS 8.8
CVE-2025-37163 HIGH
Aruba Airwave < 8.3.0.5 - Authenticated OS Command Injection via Command Line Interface
CVSS 7.2
CVE-2025-37158 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Remote Code Execution via Command Injection
CVSS 6.7
CVE-2025-37157 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Remote Code Execution via Command Injection
CVSS 6.7
CVE-2025-58034 HIGH KEV
FortiWeb 7.0.0-7.0.11, 7.2.0-7.2.11, 7.4.0-7.4.10, 7.6.0-7.6.5, 8.0.0-8.0.1 - OS Command Injection
CVSS 7.2
CVE-2025-63408 HIGH
Local Agent DVR < 6.6.1.0 - Path Traversal
CVSS 7.8
CVE-2025-8693 HIGH
Zyxel DX3300-T0 Firmware < 5.50(ABVY.6.3)C0 - Authenticated OS Command Injection via priv Parameter
CVSS 8.8
CVE-2025-13306 MEDIUM
D-Link DWR-M920, DWR-M921, DIR-822K, and DIR-825M - OS Command Injection via host Parameter
CVSS 6.3
CVE-2025-64756 HIGH
glob 10.2.0-10.4.9 and 11.0.0 - OS Command Injection via -c/--cmd Option
CVSS 7.5
CVE-2025-55055 MEDIUM
Maxum Rumpus - OS Command Injection
CVSS 6.8
CVE-2025-34322 HIGH
Nagios Log Server < 2026R1.0.1 - Authenticated OS Command Injection via Natural Language Queries
CVSS 7.2
CVE-2025-63916 HIGH
MyScreenTools v2.2.1.0 - Command Injection
CVSS 8.1
CVE-2025-13284 CRITICAL
ThinPLUS - Unauthenticated OS Command Injection
CVSS 9.8
CVE-2025-64444 HIGH
NCP-HG100 < 1.4.48.16 - Command Injection
CVSS 7.2
CVE-2025-20349 MEDIUM
Cisco Catalyst Center - Command Injection
CVSS 6.3
CVE-2025-12763 MEDIUM
pgAdmin 4 < 9.10 - OS Command Injection via Backup and Restore File Path
CVSS 6.8
CVE-2025-42892 MEDIUM
SAP Business Connector - Authenticated OS Command Injection via Crafted Content Upload
CVSS 6.8
CVE-2025-10230 CRITICAL
Samba Active Directory WINS Hook - Remote Command Execution
CVSS 10.0