Total
4244 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4301 | 2024-11-21 | N/A | 8.8 HIGH | ||
| N-Reporter and N-Cloud, products of the N-Partner, have an OS Command Injection vulnerability. Remote attackers with normal user privilege can execute arbitrary system commands by manipulating user inputs on a specific page. | |||||
| CVE-2024-4299 | 2024-11-21 | N/A | 7.2 HIGH | ||
| The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands. | |||||
| CVE-2024-4298 | 2024-11-21 | N/A | 7.2 HIGH | ||
| The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands. | |||||
| CVE-2024-4255 | 2024-11-21 | 5.8 MEDIUM | 4.7 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability. | |||||
| CVE-2024-42029 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and titles via the environment. | |||||
| CVE-2024-41992 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802.11x frames because the system() library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a LAN interface. On other devices, this may be exploitable over a WAN interface. | |||||
| CVE-2024-41815 | 1 Starship | 1 Starship | 2024-11-21 | N/A | 7.4 HIGH |
| Starship is a cross-shell prompt. Starting in version 1.0.0 and prior to version 1.20.0, undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. This issue only affects users with custom commands, so the scope is limited, and without knowledge of others' commands, it could be hard to successfully target someone. Version 1.20.0 fixes the vulnerability. | |||||
| CVE-2024-41473 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | |||||
| CVE-2024-41468 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | |||||
| CVE-2024-41136 | 1 Arubanetworks | 1 Edgeconnect Sd-wan Orchestrator | 2024-11-21 | N/A | 6.8 MEDIUM |
| An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2024-40895 | 2024-11-21 | N/A | 6.4 MEDIUM | ||
| FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension. | |||||
| CVE-2024-40641 | 2024-11-21 | N/A | 7.4 HIGH | ||
| Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-3799 | 2024-11-21 | N/A | N/A | ||
| Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause a shell command execution. This issue affects Phoniebox in all releases through 2.7. Newer 2.x releases were not tested, but they might also be vulnerable. Phoniebox in version 3.0 and higher are not affected. | |||||
| CVE-2024-3798 | 2024-11-21 | N/A | N/A | ||
| Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reaches the server, it will cause one of the following (depending on the chosen payload): shell command execution, reflected XSS or cross-site request forgery. This issue affects Phoniebox in all releases through 2.7. Newer 2.x releases were not tested, but they might also be vulnerable. Phoniebox in version 3.0 and higher are not affected. | |||||
| CVE-2024-3739 | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability classified as critical was found in cym1102 nginxWebUI up to 3.9.9. This vulnerability affects unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-260578 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-3721 | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability. | |||||
| CVE-2024-3126 | 2024-11-21 | N/A | 8.4 HIGH | ||
| A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utilizes 'subprocess.Popen' to execute a command constructed with a Python f-string, without adequately sanitizing the 'xtts_base_url' input. This flaw allows attackers to execute arbitrary commands remotely by manipulating the 'xtts_base_url' parameter. The vulnerability affects versions up to and including the latest version before 9.5. Successful exploitation could lead to arbitrary remote code execution (RCE) on the system where the application is deployed. | |||||
| CVE-2024-3121 | 1 Lollms | 1 Lollms | 2024-11-21 | N/A | 3.3 LOW |
| A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name and python_version parameters. This issue could lead to a serious security breach as demonstrated by the ability to execute the 'whoami' command among potentially other harmful commands. | |||||
| CVE-2024-3104 | 1 Mintplexlabs | 1 Anythingllm | 2024-11-21 | N/A | 9.8 CRITICAL |
| A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper handling of environment variables. Attackers can exploit this vulnerability by injecting arbitrary environment variables via the `POST /api/system/update-env` endpoint, which allows for the execution of arbitrary code on the host running anything-llm. The vulnerability is present in the latest version of anything-llm, with the latest commit identified as fde905aac1812b84066ff72e5f2f90b56d4c3a59. This issue has been fixed in version 1.0.0. Successful exploitation could lead to code execution on the host, enabling attackers to read and modify data accessible to the user running the service, potentially leading to a denial of service. | |||||
| CVE-2024-39943 | 1 Rejetto | 1 Http File Server | 2024-11-21 | N/A | 9.9 CRITICAL |
| rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). | |||||