Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-1452
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical m...
Cisco Ios Xe Rom Monitor
8.3
CVSSv2
CVE-2018-15380
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent malicious user to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by conn...
Cisco Hyperflex Hx Data Platform 3.0(1a)
Cisco Hyperflex Hx Data Platform 3.5(1a)
NA
CVE-2023-20231
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sendin...
Cisco Ios Xe 16.12.4
Cisco Ios Xe 16.12.4a
Cisco Ios Xe 16.12.5
Cisco Ios Xe 16.12.5a
Cisco Ios Xe 16.12.5b
Cisco Ios Xe 16.12.6
Cisco Ios Xe 16.12.6a
Cisco Ios Xe 16.12.7
Cisco Ios Xe 16.12.8
Cisco Ios Xe 16.12.9
Cisco Ios Xe 17.2.2
Cisco Ios Xe 17.2.3
Cisco Ios Xe 17.3.1
Cisco Ios Xe 17.3.1a
Cisco Ios Xe 17.3.1w
Cisco Ios Xe 17.3.1x
Cisco Ios Xe 17.3.1z
Cisco Ios Xe 17.3.2
Cisco Ios Xe 17.3.3
Cisco Ios Xe 17.3.4
Cisco Ios Xe 17.3.4a
Cisco Ios Xe 17.3.4b
9
CVSSv2
CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient va...
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.1.3
Cisco Ios Xe 16.1.2
Cisco Ios Xe 16.6.1
Cisco Ios Xe 16.1.1
Cisco Ios Xe 16.4.1
Cisco Ios Xe 16.2.2
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.3
Cisco Ios Xe 16.5.1
Cisco Ios Xe 16.5.1a
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.5.1b
Cisco Ios Xe 16.4.2
Cisco Ios Xe 16.3.5b
Cisco Ios Xe 16.3.6
Cisco Ios Xe 16.6.3
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.6.2
5.5
CVSSv2
CVE-2021-1530
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote malicious user to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. This vulnerability i...
Cisco Broadworks Messaging Server 22.0
7.5
CVSSv2
CVE-2013-1177
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager prior to 4.8.3.1 and 4.9.x prior to 4.9.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095.
Cisco Network Admission Control Manager And Server System Software 4.8.2
Cisco Network Admission Control Manager And Server System Software 4.8.1
Cisco Network Admission Control Manager And Server System Software
Cisco Network Admission Control Manager And Server System Software 4.9.0
Cisco Network Admission Control Manager And Server System Software 4.9.1
Cisco Network Admission Control Manager And Server System Software 4.8.0
7.2
CVSSv2
CVE-2021-1448
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This ...
Cisco Firepower Threat Defense
9
CVSSv2
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x prior to 8.0.8-113, 8.1.x and 8.5.x prior to 8.5.3-051, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted...
Cisco Web Security Appliance 8.5.0-497
8.5
CVSSv2
CVE-2013-1668
The uploadFile function in upload/index.php in CosCMS prior to 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.
Coscms Coscms
Coscms Coscms 1.3
Coscms Coscms 1.41
1 EDB exploit
7.5
CVSSv2
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »