CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-77

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1000083 77 Exec Code 2017-09-05 2017-09-06
6.8
None Remote Medium Not required Partial Partial Partial
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
2 CVE-2017-1000037 77 Exec Code 2017-07-17 2017-08-15
7.5
None Remote Low Not required Partial Partial Partial
RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically installs gems as specified by files in $PWD resulting in code execution RVM automatically does "bundle install" on a Gemfile specified by .versions.conf in $PWD resulting in code execution
3 CVE-2017-1000009 77 2017-07-17 2017-08-08
7.5
None Remote Low Not required Partial Partial Partial
Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.
4 CVE-2017-14405 77 Exec Code 2017-09-12 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php.
5 CVE-2017-14119 77 Exec Code 2017-09-03 2017-09-05
6.5
None Remote Low Single system Partial Partial Partial
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in a parameter.
6 CVE-2017-14118 77 Exec Code 2017-09-03 2017-09-05
6.5
None Remote Low Single system Partial Partial Partial
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote attackers to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.php.
7 CVE-2017-13713 77 Exec Code 2017-09-07 2017-09-14
6.5
None Remote Low Single system Partial Partial Partial
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
8 CVE-2017-12836 77 Exec Code 2017-08-24 2017-09-07
5.1
None Remote High Not required Partial Partial Partial
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
9 CVE-2017-12756 77 2017-08-09 2017-08-20
6.5
None Remote Low Single system Partial Partial Partial
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter.
10 CVE-2017-11566 77 2017-07-25 2017-07-28
7.2
None Local Low Not required Complete Complete Complete
AppUse 4.0 allows shell command injection via a proxy field.
11 CVE-2017-11392 77 Exec Code 2017-08-03 2017-08-04
6.5
None Remote Low Single system Partial Partial Partial
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745.
12 CVE-2017-11391 77 Exec Code 2017-08-03 2017-08-07
6.5
None Remote Low Single system Partial Partial Partial
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744.
13 CVE-2017-11381 77 2017-08-01 2017-08-03
7.5
None Remote Low Not required Partial Partial Partial
A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console.
14 CVE-2017-11366 77 Exec Code 2017-08-20 2017-08-30
7.5
None Remote Low Not required Partial Partial Partial
components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by search_file_type.
15 CVE-2017-11150 77 Exec Code 2017-08-14 2017-08-25
6.5
None Remote Low Single system Partial Partial Partial
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.
16 CVE-2017-9980 77 2017-07-21 2017-07-24
7.5
None Remote Low Not required Partial Partial Partial
In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter.
17 CVE-2017-9828 77 Exec Code 2017-06-23 2017-07-05
10.0
None Remote Low Not required Complete Complete Complete
'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera IB8369/FD8164/FD816BA; most others have similar firmware that may be affected. An attack uses shell metacharacters in the senderemail parameter.
18 CVE-2017-9757 77 CSRF 2017-06-19 2017-06-28
6.5
None Remote Low Single system Partial Partial Partial
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
19 CVE-2017-8859 77 Exec Code 2017-05-09 2017-05-15
10.0
Admin Remote Low Not required Complete Complete Complete
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.
20 CVE-2017-8799 77 Exec Code 2017-05-05 2017-05-17
7.5
None Remote Low Not required Partial Partial Partial
Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon would be retrieved via igetwild. Because igetwild is a Bash script, the part of the pathname following the semicolon would be executed in the user's shell.
21 CVE-2017-8220 77 Exec Code 2017-04-25 2017-05-09
9.0
None Remote Low Single system Complete Complete Complete
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
22 CVE-2017-8051 77 2017-04-21 2017-04-26
10.0
None Remote Low Not required Complete Complete Complete
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
23 CVE-2017-7981 77 Exec Code 2017-04-29 2017-08-15
9.0
None Remote Low Single system Complete Complete Complete
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this value, even with shell metacharacters, as demonstrated by a '<?plugin SyntaxHighlighter syntax="c;id"' line to execute the id command.
24 CVE-2017-7977 77 Exec Code Bypass 2017-07-19 2017-08-08
10.0
None Remote Low Not required Complete Complete Complete
The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel.
25 CVE-2017-7876 77 2017-06-15 2017-06-22
7.5
None Remote Low Not required Partial Partial Partial
QNAP QTS before 4.2.6 build 20170517 allows command injection.
26 CVE-2017-7722 77 2017-04-12 2017-04-21
10.0
None Remote Low Not required Complete Complete Complete
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell.
27 CVE-2017-7689 77 2017-04-11 2017-04-18
10.0
None Remote Low Not required Complete Complete Complete
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.
28 CVE-2017-7647 77 Exec Code 2017-04-10 2017-04-17
6.5
None Remote Low Single system Partial Partial Partial
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.
29 CVE-2017-7414 77 2017-04-04 2017-04-12
5.1
None Remote High Not required Partial Partial Partial
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it.
30 CVE-2017-7413 77 2017-04-04 2017-04-11
9.0
None Remote Low Single system Complete Complete Complete
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.
31 CVE-2017-6794 77 Exec Code 2017-09-07 2017-09-14
7.2
None Local Low Not required Complete Complete Complete
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials. The vulnerability is due to insufficient validation of user-supplied input at the CLI for certain commands. An attacker could exploit this vulnerability by authenticating to the affected application and submitting a crafted CLI command for execution at the Cisco Meeting Server CLI. An exploit could allow the attacker to perform command injection and escalate their privilege level to root. Vulnerable Products: This vulnerability exists in Cisco Meeting Server software versions prior to and including 2.0, 2.1, and 2.2. Cisco Bug IDs: CSCvf53830.
32 CVE-2017-6650 77 2017-05-21 2017-07-17
4.6
None Local Low Not required Partial Partial Partial
A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86771.
33 CVE-2017-6649 77 2017-05-21 2017-07-17
4.6
None Local Low Not required Partial Partial Partial
A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86787, CSCve60516, CSCve60555.
34 CVE-2017-6602 77 2017-04-07 2017-07-11
3.6
None Local Low Not required Partial Partial None
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189 CSCvb86775. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1742) 92.1(1.1658) 2.1(1.38) 2.0(1.107) 2.0(1.87) 1.1(4.148) 1.1(4.138).
35 CVE-2017-6601 77 2017-04-07 2017-07-11
3.6
None Local Low Not required Partial Partial None
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61384 CSCvb86764. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1647).
36 CVE-2017-6600 77 2017-04-07 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb61351 CSCvb61637. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.101) 92.1(1.1645) 2.0(1.82) 1.1(4.136.
37 CVE-2017-6526 77 Exec Code 2017-03-09 2017-08-15
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).
38 CVE-2017-6398 77 Exec Code 2017-03-14 2017-03-15
9.0
Admin Remote Low Single system Complete Complete Complete
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator credentials. The saveCert.imss endpoint takes several user inputs and performs blacklisting. After that, it uses them as arguments to a predefined operating-system command without proper sanitization. However, because of an improper blacklisting rule, it's possible to inject arbitrary commands into it.
39 CVE-2017-6361 77 Exec Code 2017-03-23 2017-08-15
10.0
None Remote Low Not required Complete Complete Complete
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.
40 CVE-2017-6360 77 +Priv +Info 2017-03-23 2017-08-15
10.0
None Remote Low Not required Complete Complete Complete
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors.
41 CVE-2017-6359 77 Exec Code +Priv 2017-03-23 2017-08-15
10.0
None Remote Low Not required Complete Complete Complete
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.
42 CVE-2017-6184 77 2017-03-30 2017-04-04
6.5
None Remote Low Single system Partial Partial Partial
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
43 CVE-2017-6183 77 2017-03-30 2017-04-04
6.5
None Remote Low Single system Partial Partial Partial
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
44 CVE-2017-6182 77 2017-03-30 2017-08-11
7.5
None Remote Low Not required Partial Partial Partial
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
45 CVE-2017-6079 77 Exec Code 2017-05-16 2017-05-25
10.0
None Remote Low Not required Complete Complete Complete
The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use this page as a web shell essentially to execute commands, though you get no feedback client-side from the web application: if the command is valid, it executes. An example is the wget command. The page that allows this has been confirmed in firmware as old as 2006.
46 CVE-2017-6048 77 2017-05-18 2017-05-31
9.0
Admin Remote Low Single system Complete Complete Complete
A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, and SenNet Multitask Meter V5.21a-1.18b and prior. Successful exploitation of this vulnerability could result in the attacker breaking out of the jailed shell and gaining full access to the system.
47 CVE-2017-5675 77 Exec Code 2017-03-13 2017-03-15
9.0
None Remote Low Single system Complete Complete Complete
A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. The mail-sending form in the mail.htm page allows an attacker to inject a command into the receiver1 field in the form; it will be executed with root privileges.
48 CVE-2017-4984 77 Exec Code 2017-06-19 2017-06-29
10.0
None Remote Low Not required Complete Complete Complete
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with root-level privileges on the targeted VNX Control Station system, aka remote code execution.
49 CVE-2017-4918 77 2017-06-08 2017-07-07
10.0
None Remote Low Not required Complete Complete Complete
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
50 CVE-2017-4054 77 Exec Code 2017-07-12 2017-07-17
6.5
None Remote Low Single system Partial Partial Partial
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.
Total number of vulnerabilities : 199   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.