Total
2690 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23170 | 1 Versa | 1 Director | 2025-06-23 | 6.7 Medium |
| The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execute arbitrary commands on the system. Exploitation Status: Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. Workarounds or Mitigation: There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions. | ||||
| CVE-2025-3816 | 1 Westboy | 1 Cicadascms | 2025-06-23 | 4.7 Medium |
| A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-40445 | 1 Ctan | 1 Mimetex | 2025-06-23 | 7.3 High |
| A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths. | ||||
| CVE-2025-4135 | 1 Netgear | 2 Wg302v2, Wg302v2 Firmware | 2025-06-23 | 6.3 Medium |
| A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Affected by this issue is the function ui_get_input_value. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-24321 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-20 | 9.8 Critical |
| An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. | ||||
| CVE-2023-51887 | 1 Ctan | 1 Mathtex | 2025-06-20 | 9.8 Critical |
| Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL. | ||||
| CVE-2023-33806 | 1 Hikvision | 2 Ds-d5b86rb\/b, Ds-d5b86rb\/b Firmware | 2025-06-20 | 7.8 High |
| Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commands. | ||||
| CVE-2024-56084 | 1 Logpoint | 1 Universal Normalizer | 2025-06-20 | 7.1 High |
| An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can inject payloads while creating Universal Normalizer. These are executed, leading to Remote Code Execution. | ||||
| CVE-2025-5030 | 1 Ackites | 1 Killwxapkg | 2025-06-20 | 5 Medium |
| A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-51126 | 1 Flir | 2 Flir Ax8, Flir Ax8 Firmware | 2025-06-20 | 9.8 Critical |
| Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. | ||||
| CVE-2023-49237 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings. | ||||
| CVE-2023-31446 | 1 Cassianetworks | 4 Xc1000, Xc1000 Firmware, Xc2000 and 1 more | 2025-06-20 | 9.8 Critical |
| In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. | ||||
| CVE-2023-49716 | 1 Emerson | 6 Gc1500xa, Gc1500xa Firmware, Gc370xa and 3 more | 2025-06-17 | 6.9 Medium |
| In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer. | ||||
| CVE-2023-46687 | 1 Emerson | 6 Gc1500xa, Gc1500xa Firmware, Gc370xa and 3 more | 2025-06-17 | 9.8 Critical |
| In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer. | ||||
| CVE-2024-21488 | 1 Forkhq | 1 Network | 2025-06-17 | 7.3 High |
| Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization. If (attacker-controlled) user input is given to the mac_address_for function of the package, it is possible for the attacker to execute arbitrary commands on the operating system that this package is being run on. | ||||
| CVE-2024-23624 | 1 Dlink | 2 Dap-1650, Dap-1650 Firmware | 2025-06-17 | 9.6 Critical |
| A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root. | ||||
| CVE-2024-22197 | 1 Nginxui | 1 Nginx Ui | 2025-06-17 | 7.7 High |
| Nginx-ui is online statistics for Server Indicators​​ Monitor CPU usage, memory usage, load average, and disk usage in real-time. The `Home > Preference` page exposes a small list of nginx settings such as `Nginx Access Log Path` and `Nginx Error Log Path`. However, the API also exposes `test_config_cmd`, `reload_cmd` and `restart_cmd`. While the UI doesn't allow users to modify any of these settings, it is possible to do so by sending a request to the API. This issue may lead to authenticated Remote Code Execution, Privilege Escalation, and Information Disclosure. This issue has been patched in version 2.0.0.beta.9. | ||||
| CVE-2024-30850 | 1 Tiagorlampert | 1 Chaos | 2025-06-17 | 8.8 High |
| An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go | ||||
| CVE-2025-49823 | 2025-06-17 | 0 Low | ||
| (conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3. | ||||
| CVE-2025-5515 | 1 Totolink | 2 X2000r, X2000r Firmware | 2025-06-17 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||