Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a...
Cacti Cacti
1 Metasploit module
42 Github repositories
6.8
CVSSv2
CVE-2016-4338
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix prior to 2.0.18, 2.2.x prior to 2.2.13, and 3.0.x prior to 3.0.3, when used with a shell other than bash, allows context-dependent malicious users to execute arbitrary code or SQL comm...
Zabbix Zabbix 2.0.14
Zabbix Zabbix 2.0.13
Zabbix Zabbix 2.0.6
Zabbix Zabbix 2.0.5
Zabbix Zabbix 2.2.10
Zabbix Zabbix 2.2.9
Zabbix Zabbix 2.0.12
Zabbix Zabbix 2.0.11
Zabbix Zabbix 2.0.4
Zabbix Zabbix 2.0.3
Zabbix Zabbix 2.0.2
Zabbix Zabbix 2.2.8
Zabbix Zabbix 2.2.7
Zabbix Zabbix 2.2.0
Zabbix Zabbix 3.0.2
Zabbix Zabbix 2.2.2
Zabbix Zabbix 2.2.1
Zabbix Zabbix 2.0.17
Zabbix Zabbix 2.0.10
Zabbix Zabbix 2.0.9
Zabbix Zabbix 2.0.1
Zabbix Zabbix 2.0.0
1 EDB exploit
9
CVSSv2
CVE-2020-3454
A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote malicious user to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). The vulnerability is due to insufficient input va...
Cisco Nx-os -
7.2
CVSSv2
CVE-2017-6794
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local malicious user to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credenti...
Cisco Meeting Server 2.0.16
Cisco Meeting Server 2.0.15
Cisco Meeting Server 2.0.14
Cisco Meeting Server 2.0.13
Cisco Meeting Server 2.0.12
Cisco Meeting Server 2.1.11
Cisco Meeting Server 2.0.0
Cisco Meeting Server 2.0.1
Cisco Meeting Server 2.0.3
Cisco Meeting Server 2.0.10
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.1.7
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.0.5
Cisco Meeting Server 2.0.7
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.0.9
Cisco Meeting Server 2.1.0
Cisco Meeting Server 2.1.1
7.2
CVSSv2
CVE-2017-6707
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 up to and including 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local malicious user t...
Cisco Staros 11.0 Base
Cisco Staros 12.2\\(300\\)
Cisco Staros 14.0.0
Cisco Staros 16.0\\(900\\)
Cisco Staros 16.1.0
Cisco Staros 18.1.0.59776
Cisco Staros 18.1.0.59780
Cisco Staros 18.0.0
Cisco Staros 19.0.m0.61045
Cisco Staros 19.0.1
Cisco Staros 18.4.0
Cisco Staros 19.3.0
Cisco Staros 20.0.1.0
Cisco Staros 20.0.1.a0
Cisco Staros 21.0 Base
Cisco Staros 21.0.0
Cisco Staros 12.1 Base
Cisco Staros 12.2 Base
Cisco Staros 15.0\\(938\\)
Cisco Staros 16.0.0
Cisco Staros 18.1 Base
Cisco Staros 18.1.0
9
CVSSv2
CVE-2016-7435
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL '...
Sap Netweaver 7.40
NA
CVE-2023-41109
SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection.
Patton Smartnode Sn200 Firmware
10
CVSSv2
CVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 up to and including 5.21 Patch 1, US...
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn50 Firmware
Zyxel Atp100 Firmware
Zyxel Atp100w Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp700 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg20w-vpn Firmware
1 Metasploit module
17 Github repositories
9
CVSSv2
CVE-2020-12109
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Tp-link Nc200 Firmware 2.1.6
Tp-link Nc200 Firmware 2.1.9
Tp-link Nc210 Firmware 1.0.3
Tp-link Nc210 Firmware 1.0.4
Tp-link Nc210 Firmware 1.0.9
Tp-link Nc220 Firmware 1.2.0
Tp-link Nc220 Firmware 1.3.0
Tp-link Nc230 Firmware 1.0.3
Tp-link Nc230 Firmware 1.2.1
Tp-link Nc230 Firmware 1.3.0
Tp-link Nc250 Firmware 1.0.8
Tp-link Nc250 Firmware 1.0.10
Tp-link Nc250 Firmware 1.2.1
Tp-link Nc250 Firmware 1.3.0
Tp-link Nc260 Firmware 1.0.5
Tp-link Nc260 Firmware 1.0.6
Tp-link Nc260 Firmware 1.4.1
Tp-link Nc260 Firmware 1.5.0
Tp-link Nc260 Firmware 1.5.2
Tp-link Nc450 Firmware 1.0.15
Tp-link Nc450 Firmware 1.1.2
Tp-link Nc450 Firmware 1.3.4
7.2
CVSSv2
CVE-2018-1185
An issue exists in EMC RecoverPoint for Virtual Machines versions before 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions before 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restric...
Dell Emc Recoverpoint
Dell Emc Recoverpoint For Virtual Machines
Dell Emc Recoverpoint 5.1.0.0
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »