Total
2652 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-14707 | 2025-12-15 | 10.0 HIGH | 9.8 CRITICAL | ||
| A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/http_eshell_server of the component DOCKER Feature. Performing manipulation of the argument params results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14706 | 2025-12-15 | 10.0 HIGH | 9.8 CRITICAL | ||
| A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/http_eshell_server of the component NETREBOOT Interface. Such manipulation leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14705 | 2025-12-15 | 10.0 HIGH | 9.8 CRITICAL | ||
| A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14659 | 2025-12-14 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. | |||||
| CVE-2025-14648 | 2025-12-14 | 5.8 MEDIUM | 4.7 MEDIUM | ||
| A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-14586 | 2025-12-13 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-54100 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2025-12-12 | N/A | 7.8 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-11490 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." | |||||
| CVE-2025-11491 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-65292 | 2025-12-12 | N/A | 7.3 HIGH | ||
| Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to execute arbitrary commands with root privileges through malicious domain names. | |||||
| CVE-2025-14485 | 2025-12-12 | 4.6 MEDIUM | 5.0 MEDIUM | ||
| A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm*& causes command injection. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-67511 | 2025-12-12 | N/A | 9.6 CRITICAL | ||
| Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the run_ssh_command_with_credentials() function, which is available to AI agents. Only password and command inputs are escaped in run_ssh_command_with_credentials to prevent shell injection; while username, host and port values are injectable. This issue does not have a fix at the time of publication. | |||||
| CVE-2025-65293 | 2025-12-12 | N/A | 6.6 MEDIUM | ||
| Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset. | |||||
| CVE-2025-67728 | 2025-12-12 | N/A | 9.8 CRITICAL | ||
| Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a shell command, which can be used for uploading files to arbitrary directories via path traversal, or executing system commands for Remote Code Execution (RCE). This issue is fixed in version 1.3.0. | |||||
| CVE-2025-67508 | 2025-12-12 | N/A | 8.0 HIGH | ||
| gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft malicious credential values. The forged credential values are used in infrastructure Secret objects that break out of the intended string context when evaluated in Fish or PowerShell environments used by the Gardener service operators. This issue is fixed in version 2.12.0. | |||||
| CVE-2025-64671 | 1 Microsoft | 1 Github Copilot | 2025-12-12 | N/A | 8.4 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-14106 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-12 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14107 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-12 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2_api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safe_dir results in command injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-14108 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-12 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-65363 | 1 Ruijie | 2 Rg-ap720-l, Rg-ap720-l Firmware | 2025-12-12 | N/A | 7.2 HIGH |
| Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint. | |||||