Total
4887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29303 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2025-10-22 | 9.8 Critical |
| SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. | ||||
| CVE-2022-28810 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2025-10-22 | 6.8 Medium |
| Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. Due to the use of a default administrator password, attackers may be able to abuse this functionality with minimal effort. Additionally, a remote and partially authenticated attacker may be able to inject arbitrary commands into the custom script due to an unsanitized password field. | ||||
| CVE-2022-26258 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2025-10-22 | 9.8 Critical |
| D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | ||||
| CVE-2022-20708 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2025-10-22 | 10 Critical |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2021-45382 | 1 Dlink | 12 Dir-810l, Dir-810l Firmware, Dir-820l and 9 more | 2025-10-22 | 9.8 Critical |
| A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched. | ||||
| CVE-2021-40407 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2025-10-22 | 7.2 High |
| An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->domain variable, that has the value of the domain parameter provided through the SetDdns API, is not validated properly. This would lead to an OS command injection. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2021-36380 | 1 Sunhillo | 1 Sureline | 2025-10-22 | 9.8 Critical |
| Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi. | ||||
| CVE-2021-36260 | 1 Hikvision | 512 Ds-2cd2021g1-i\(w\), Ds-2cd2021g1-i\(w\) Firmware, Ds-2cd2023g2-i\(u\) and 509 more | 2025-10-22 | 9.8 Critical |
| A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. | ||||
| CVE-2021-35394 | 1 Realtek | 1 Rtl819x Jungle Software Development Kit | 2025-10-22 | 9.8 Critical |
| Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers. | ||||
| CVE-2021-27561 | 1 Yealink | 1 Device Management | 2025-10-22 | 9.8 Critical |
| Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. | ||||
| CVE-2021-27104 | 1 Accellion | 1 Fta | 2025-10-22 | 9.8 Critical |
| Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. | ||||
| CVE-2021-27102 | 1 Accellion | 1 Fta | 2025-10-22 | 7.8 High |
| Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. | ||||
| CVE-2021-25298 | 1 Nagios | 1 Nagios Xi | 2025-10-22 | 8.8 High |
| Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server. | ||||
| CVE-2021-25297 | 1 Nagios | 1 Nagios Xi | 2025-10-22 | 8.8 High |
| Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server. | ||||
| CVE-2021-22502 | 1 Microfocus | 1 Operation Bridge Reporter | 2025-10-22 | 9.8 Critical |
| Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. | ||||
| CVE-2021-20035 | 1 Sonicwall | 9 Sma 200, Sma 200 Firmware, Sma 210 and 6 more | 2025-10-22 | 6.5 Medium |
| Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS. | ||||
| CVE-2021-1498 | 1 Cisco | 8 Hyperflex Hx220c Af M5, Hyperflex Hx220c All Nvme M5, Hyperflex Hx220c Edge M5 and 5 more | 2025-10-22 | 9.8 Critical |
| Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2021-1497 | 1 Cisco | 8 Hyperflex Hx220c Af M5, Hyperflex Hx220c All Nvme M5, Hyperflex Hx220c Edge M5 and 5 more | 2025-10-22 | 9.8 Critical |
| Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2020-9377 | 1 Dlink | 2 Dir-610, Dir-610 Firmware | 2025-10-22 | 8.8 High |
| D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-9054 | 1 Zyxel | 54 Atp100, Atp100 Firmware, Atp200 and 51 more | 2025-10-22 | 9.8 Critical |
| Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 | ||||