Total
4852 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57457 | 1 Curo | 1 Uc300 | 2025-10-10 | 8.8 High |
| An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter. | ||||
| CVE-2025-10239 | 1 Progress | 1 Flowmon | 2025-10-10 | 7.2 High |
| In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes. | ||||
| CVE-2025-60006 | 1 Juniper | 1 Junos Os Evolved | 2025-10-10 | 5.3 Medium |
| Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands, the options are processed via a script in some cases. These scripts are not hardened so injected commands might be executed via the shell, which allows an attacker to perform operations, which they should not be able to do according to their assigned permissions. This issue affects Junos OS Evolved: * 24.2 versions before 24.2R2-S2-EVO, * 24.4 versions before 24.4R2-EVO. This issue does not affect Junos OS Evolved versions earlier than 24.2R1-EVO. | ||||
| CVE-2016-15047 | 1 Avtech | 3 Dvr Devices, Ip Camera, Nvr Devices | 2025-10-10 | N/A |
| AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The `exefile` parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke this endpoint can supply crafted input to execute arbitrary system commands as root. Successful exploitation grants full control of the device, and - depending on deployment and whether the device stores credentials or has network reachability to internal systems - may enable credential theft, lateral movement, or data exfiltration. The archived SEARCH-LAB disclosure implies that this vulnerability was remediated in early 2017, but AVTECH has not defined an affected version range. | ||||
| CVE-2025-0798 | 1 Escanav | 1 Escan Anti-virus | 2025-10-09 | 8.1 High |
| A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-11285 | 2 Mcphub, Mcphubx | 2 Mcphub, Mcphub | 2025-10-09 | 6.3 Medium |
| A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-9528 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-10-09 | 4.7 Medium |
| A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-54403 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | 8.8 High |
| Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_password` request parameter. | ||||
| CVE-2025-54404 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | 8.8 High |
| Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_device_name` request parameter. | ||||
| CVE-2025-54405 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | 8.8 High |
| Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `ipaddr` request parameter. | ||||
| CVE-2025-54406 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | 8.8 High |
| Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `counts` request parameter. | ||||
| CVE-2025-54072 | 1 Yt-dlp Project | 1 Yt-dlp | 2025-10-09 | 7.5 High |
| yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is used on Windows with the default placeholder (or {}), insufficient sanitization is applied to the expanded filepath, allowing for remote code execution. This is a bypass of the mitigation for CVE-2024-22423 where the default placeholder and {} were not covered by the new escaping rules. Windows users who are unable to upgrade should avoid using --exec altogether. Instead, the --write-info-json or --dump-json options could be used, with an external script or command line consuming the JSON output. This is fixed in version 2025.07.21. | ||||
| CVE-2025-11491 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-10-09 | 6.3 Medium |
| A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-11490 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-10-09 | 6.3 Medium |
| A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." | ||||
| CVE-2025-47212 | 1 Qnap | 2 Qts, Quts Hero | 2025-10-08 | 7.2 High |
| A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | ||||
| CVE-2025-60965 | 1 Endrun | 1 Sonoma D12 Network Time Server | 2025-10-08 | 9.1 Critical |
| OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. | ||||
| CVE-2025-36354 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2025-10-08 | 7.3 High |
| IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input. | ||||
| CVE-2025-60957 | 1 Endrun | 1 Sonoma D12 Network Time Server | 2025-10-08 | 9.9 Critical |
| OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | ||||
| CVE-2025-60963 | 1 Endrun | 1 Sonoma D12 Network Time Server | 2025-10-08 | 8.2 High |
| OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. | ||||
| CVE-2025-60964 | 1 Endrun | 1 Sonoma D12 Network Time Server | 2025-10-08 | 9.1 Critical |
| OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. | ||||