Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
command injection vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2011-0374
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659....
9
CVSSv2
CVE-2011-0373
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685....
10
CVSSv2
CVE-2011-0372
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640....
7.2
CVSSv2
CVE-2017-6707
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the...
4.6
CVSSv2
CVE-2017-1000159
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91....
7.2
CVSSv2
CVE-2019-1623
A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insufficient input validation during the execution of a vulnerable CLI command. An...
7.5
CVSSv2
CVE-2013-1177
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095....
10
CVSSv2
CVE-2017-1000469
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user....
7.8
CVSSv2
CVE-2020-3479
A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service...
7.2
CVSSv2
CVE-2018-0307
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
enviragallery
CVE-2020-27368
CVE-2021-23926
injection
envira gallery
CVE-2020-6207
CVE-2021-21242
unspecified
CVE-2021-24122
CVE-2021-0212
« PREV
1
2
3
4
5
6
7
8
9
NEXT »