Total: 5311 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-24576 | 3 Fedoraproject, Microsoft, Rust-lang | 3 Fedora, Windows, Rust | 2026-01-05 | N/A | 10.0 CRITICAL | Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrus ... |
| CVE-2024-22423 | 1 Yt-dlp Project | 1 Yt-dlp | 2026-01-05 | N/A | 8.3 HIGH | yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in `--exec`, along with this vulnerable behavior, was added to `yt-dlp` in version 2021.04.11. yt-dlp version 2024.04.09 fixes this issue by properly escapin ... |
| CVE-2025-65882 | 1 Openmptcprouter | 1 Openmptcprouter | 2026-01-02 | N/A | 9.8 CRITICAL | An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function create_xor_ipad_opad allowing attackers to potentially write arbitrary files or execute arbitrary commands. |
| CVE-2025-67164 | 1 Pagekit | 1 Pagekit | 2026-01-02 | N/A | 9.9 CRITICAL | An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP file. |
| CVE-2020-7242 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 9.0 HIGH | 7.2 HIGH | Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) |
| CVE-2020-7243 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 9.0 HIGH | 7.2 HIGH | Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) |
| CVE-2020-7244 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 9.0 HIGH | 7.2 HIGH | Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) |
| CVE-2020-5179 | 1 Comtech | 2 Stampede Fx-1010, Stampede Fx-1010 Firmware | 2026-01-02 | 9.0 HIGH | 7.2 HIGH | Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.) |
| CVE-2025-34049 | | | 2025-12-31 | N/A | N/A | An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromis ... |
| CVE-2021-47747 | | | 2025-12-31 | N/A | 8.8 HIGH | meterN 1.2.3 contains an authenticated remote code execution vulnerability in admin_meter2.php and admin_indicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges. |
| CVE-2021-47745 | | | 2025-12-31 | N/A | 8.8 HIGH | Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fw_url' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands with root privileges. |
| CVE-2025-15388 | | | 2025-12-31 | N/A | 8.8 HIGH | VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. |
| CVE-2025-15389 | | | 2025-12-31 | N/A | 8.8 HIGH | VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. |
| CVE-2019-16790 | 1 Prasathmani | 1 Tiny File Manager | 2025-12-31 | 6.5 MEDIUM | 6.5 MEDIUM | In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted. |
| CVE-2023-53945 | 1 Brainycp | 1 Brainycp | 2025-12-31 | N/A | 8.8 HIGH | BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP and port. |
| CVE-2016-15048 | 1 Amttgroup | 1 Hibos | 2025-12-31 | N/A | 9.8 CRITICAL | AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An attacker can insert shell metacharacters into the ip parameter to inject and execute arbitrary system commands as the web server user. The initial third-party disclosure in 2016 recommended contactin ... |
| CVE-2025-63408 | 1 Ispyconnect | 1 Agent Dvr | 2025-12-31 | N/A | 7.8 HIGH | Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request (SSRF), or execute OS commands. |
| CVE-2025-56130 | 1 Ruijie | 4 Rg-nbs5100-24gt4sfp, Rg-nbs5100-24gt4sfp Firmware, Rg-s1930 and 1 more | 2025-12-31 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0(1)B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua. |
| CVE-2025-63414 | 1 Allskyteam | 1 Allsky | 2025-12-31 | N/A | 10.0 CRITICAL | A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute arbitrary commands on the underlying operating system, leading to full remote code execution (RCE). |
| CVE-2019-25243 | 1 Iwt | 2 Facesentry Access Control System, Facesentry Access Control System Firmware | 2025-12-30 | N/A | 8.8 HIGH | FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters. |
| CVE-2025-13700 | | | 2025-12-29 | N/A | 7.2 HIGH | DreamFactory saveZipFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of DreamFactory. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the saveZipFile method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to exe ... |
| CVE-2025-14500 | | | 2025-12-29 | N/A | 9.8 CRITICAL | IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to exe ... |
| CVE-2019-25255 | | | 2025-12-29 | N/A | 4.3 MEDIUM | VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit the vulnerability through a cross-site request forgery (CSRF) mechanism to gain unauthorized system access. |
| CVE-2025-43876 | | | 2025-12-29 | N/A | N/A | Under certain circumstances a successful exploitation could result in access to the device. |
| CVE-2025-43875 | | | 2025-12-29 | N/A | N/A | Under certain circumstances a successful exploitation could result in access to the device. |
| CVE-2025-66203 | | | 2025-12-29 | N/A | 9.9 CRITICAL | StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution (RCE) vulnerability exists in the stream-vault application (SpiritApplication). The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without sufficient validation. These arguments are stored globally and subsequently used in YtDlpUtil.java when constructing the command line to execute yt-dlp. This issue has been patched in version 251126. |
| CVE-2025-68922 | | | 2025-12-29 | N/A | 7.4 HIGH | OpenOps before 0.6.11 allows remote code execution in the Terraform block. |
| CVE-2025-30004 | 1 Xorcom | 1 Completepbx | 2025-12-27 | N/A | 8.8 HIGH | Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35 |
| CVE-2023-53981 | 1 Thibaud-rohmer | 1 Photoshow | 2025-12-27 | N/A | 7.2 HIGH | PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a crafted video upload process. |
| CVE-2023-53941 | 1 Easyphp | 1 Webserver | 2025-12-26 | N/A | 9.8 CRITICAL | EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the app_service_control parameter. Attackers can send POST requests to /index.php?zone=settings with crafted app_service_control values to execute commands with administrative privileges. |
| CVE-2005-10004 | 1 Cacti | 1 Cacti | 2025-12-26 | N/A | 8.8 HIGH | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity. |
| CVE-2025-56086 | 1 Ruijie | 4 Rg-ew1200, Rg-ew1200 Firmware, Rg-x60 and 1 more | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. |
| CVE-2025-56085 | 1 Ruijie | 4 Rg-ew1200, Rg-ew1200 Firmware, Rg-ew300 Pro and 1 more | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P227_EW1200_11130208RG-EW1200 V1.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. |
| CVE-2025-56087 | 1 Ruijie | 2 Rg-bcr600w, Rg-bcr600w Firmware | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the run_tcpdump in file /usr/lib/lua/luci/controller/admin/common_tcpdump.lua. |
| CVE-2025-56107 | 1 Ruijie | 2 Rg-bcr600w, Rg-bcr600w Firmware | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submit_wifi in file /usr/lib/lua/luci/controller/admin/common_quick_config.lua. |
| CVE-2025-56096 | 1 Ruijie | 2 Rg-bcr600w, Rg-bcr600w Firmware | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restart_modules in file /usr/lib/lua/luci/controller/admin/common.lua. |
| CVE-2025-56082 | 1 Ruijie | 2 Rg-bcr600w, Rg-bcr600w Firmware | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the check_changes in file /usr/lib/lua/luci/controller/admin/common.lua. |
| CVE-2025-56077 | 2 Ruijie, Ruijienetworks | 5 Rg-eap162(g), Rg-rap1260, Rg-rap2200(e) and 2 more | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-RAP2200(E) 247 2200 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. |
| CVE-2025-56079 | 1 Ruijie | 4 Be50, Be50 Firmware, Rg-ew1300g and 1 more | 2025-12-26 | N/A | 8.8 HIGH | OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/V2.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. |
| CVE-2024-23789 | 1 Sharp | 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more | 2025-12-23 | N/A | 8.8 HIGH | Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command on the affected product. |