Total
4638 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-34186 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-09-25 | N/A | 9.8 CRITICAL |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system. | |||||
| CVE-2025-34184 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-09-25 | N/A | 9.8 CRITICAL |
| Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service. | |||||
| CVE-2025-34187 | 1 Ilevia | 2 Eve X1 Server, Eve X1 Server Firmware | 2025-09-25 | N/A | 8.8 HIGH |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise. | |||||
| CVE-2024-50390 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 9.8 CRITICAL |
| A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later | |||||
| CVE-2024-53700 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 7.2 HIGH |
| A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later | |||||
| CVE-2024-13087 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 6.7 MEDIUM |
| A command injection vulnerability has been reported to affect QHora. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later | |||||
| CVE-2025-56819 | 2025-09-24 | N/A | 9.8 CRITICAL | ||
| An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter. | |||||
| CVE-2023-23356 | 1 Qnap | 1 Qufirewall | 2025-09-24 | N/A | 5.5 MEDIUM |
| A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QuFirewall 2.3.3 ( 2023/03/27 ) and later and later | |||||
| CVE-2024-48861 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 7.8 HIGH |
| An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later | |||||
| CVE-2024-48860 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 9.8 CRITICAL |
| An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.3.103 and later | |||||
| CVE-2025-29887 | 1 Qnap | 1 Qurouter | 2025-09-24 | N/A | 7.2 HIGH |
| A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.5.1.060 and later | |||||
| CVE-2025-9494 | 2025-09-24 | N/A | N/A | ||
| An OS command injection vulnerability has been discovered in the Vitogate 300, which can be exploited by malicious users to compromise affected installations. Specifically, the `/cgi-bin/vitogate.cgi` endpoint is affected, when the `form` JSON parameter is set to `form-0-2`. The vulnerability stems from the fact that that function at offset 0x21c24 does not properly sanitize supplied input before interpolating it into a format string which gets passed to `popen()`. Consequently, an authenticated attacker is able to inject arbitrary OS commands and thus gain code execution on affected devices. | |||||
| CVE-2025-59534 | 2025-09-24 | N/A | 7.3 HIGH | ||
| CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2. | |||||
| CVE-2018-25115 | 1 Dlink | 14 Dir-110, Dir-110 Firmware, Dir-412 and 11 more | 2025-09-24 | N/A | 9.8 CRITICAL |
| Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC. | |||||
| CVE-2011-10026 | 1 Spreecommerce | 1 Spree | 2025-09-24 | N/A | 9.8 CRITICAL |
| Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server. | |||||
| CVE-2013-10061 | 1 Netgear | 2 Dgn1000b, Dgn1000b Firmware | 2025-09-23 | N/A | 7.2 HIGH |
| An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication. | |||||
| CVE-2013-10059 | 1 Dlink | 2 Dir-615h, Dir-615h Firmware | 2025-09-23 | N/A | 7.2 HIGH |
| An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. | |||||
| CVE-2013-10069 | 1 Dlink | 4 Dir-300, Dir-300 Firmware, Dir-600 and 1 more | 2025-09-23 | N/A | 9.8 CRITICAL |
| The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root. | |||||
| CVE-2013-10048 | 1 Dlink | 4 Dir-300, Dir-300 Firmware, Dir-600 and 1 more | 2025-09-23 | N/A | 9.8 CRITICAL |
| An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrupting availability. The flaw stems from the lack of authentication and inadequate sanitation of the cmd parameter. | |||||
| CVE-2013-10050 | 1 Dlink | 4 Dir-300, Dir-300 Firmware, Dir-615 and 1 more | 2025-09-23 | N/A | 8.8 HIGH |
| An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life. | |||||