Total
4780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9972 | 2 N-partner, Planet | 4 N-cloud, N-probe, N-reporter and 1 more | 2025-09-18 | 9.8 Critical |
| The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. | ||||
| CVE-2025-10619 | 1 Sequa-ai | 1 Sequa-mcp | 2025-09-18 | 6.3 Medium |
| A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: "We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened." | ||||
| CVE-2025-23316 | 3 Linux, Microsoft, Nvidia | 3 Linux, Windows, Triton Inference Server | 2025-09-18 | 9.8 Critical |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-54123 | 2 Hoverfly, Spectolabs | 2 Hoverfly, Hoverfly | 2025-09-17 | 9.8 Critical |
| Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, the middleware functionality in Hoverfly is vulnerable to command injection vulnerability at `/api/v2/hoverfly/middleware` endpoint due to insufficient validation and sanitization in user input. The vulnerability exists in the middleware management API endpoint `/api/v2/hoverfly/middleware`. This issue is born due to combination of three code level flaws: Insufficient Input Validation in middleware.go line 94-96; Unsafe Command Execution in local_middleware.go line 14-19; and Immediate Execution During Testing in hoverfly_service.go line 173. This allows an attacker to gain remote code execution (RCE) on any system running the vulnerable Hoverfly service. Since the input is directly passed to system commands without proper checks, an attacker can upload a malicious payload or directly execute arbitrary commands (including reverse shells) on the host server with the privileges of the Hoverfly process. Commit 17e60a9bc78826deb4b782dca1c1abd3dbe60d40 in version 1.12.0 disables the set middleware API by default, and subsequent changes to documentation make users aware of the security changes of exposing the set middleware API. | ||||
| CVE-2025-56413 | 1 1panel | 1 1panel | 2025-09-17 | 8.8 High |
| OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint. | ||||
| CVE-2025-43884 | 1 Dell | 1 Powerprotect Data Manager | 2025-09-17 | 8.2 High |
| Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2024-6333 | 1 Xerox | 4 Altalink Firmware, Versalink Firmware, Workcentre Firmware and 1 more | 2025-09-17 | 7.2 High |
| Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products. | ||||
| CVE-2025-34184 | 1 Ilevia | 1 Eve X1 Server | 2025-09-17 | N/A |
| Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service. | ||||
| CVE-2025-37129 | 2 Arubanetworks, Hp | 2 Edgeconnect Enterprise, Arubaos | 2025-09-17 | 6.7 Medium |
| A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is enabled without proper security measures. | ||||
| CVE-2025-34186 | 1 Ilevia | 2 Eve X1 Server, Eve X5 Server | 2025-09-17 | N/A |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system. | ||||
| CVE-2025-34187 | 1 Ilevia | 2 Eve X1 Server, Eve X5 Server | 2025-09-17 | N/A |
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise. | ||||
| CVE-2025-59518 | 1 Lemonldap-ng | 1 Lemonldap::ng | 2025-09-17 | 8 High |
| In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize _ during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server. | ||||
| CVE-2025-58116 | 1 Iodata | 1 Wn-7d36qr | 2025-09-17 | 7.2 High |
| Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote authenticated attacker. | ||||
| CVE-2025-10589 | 1 N-partner | 3 N-cloud, N-probe, N-reporter | 2025-09-17 | 8.8 High |
| The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. | ||||
| CVE-2025-37126 | 2 Arubanetworks, Hp | 2 Edgeconnect Enterprise, Arubaos | 2025-09-17 | 7.2 High |
| A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as root on the underlying operating system. | ||||
| CVE-2025-10440 | 2 D-link, Dlink | 6 Di-8003g, Di-8100, Di-8100g and 3 more | 2025-09-17 | 6.3 Medium |
| A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-10441 | 1 D-link | 3 Di-8003g, Di-8100g, Di-8200g | 2025-09-17 | 6.3 Medium |
| A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1. Affected by this issue is the function sub_433F7C of the file version_upgrade.asp of the component jhttpd. The manipulation of the argument path results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-10442 | 1 Tenda | 2 Ac15, Ac9 | 2025-09-17 | 6.3 Medium |
| A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-59359 | 1 Chaos-mesh | 1 Chaos-mesh | 2025-09-17 | 9.8 Critical |
| The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster. | ||||
| CVE-2025-59360 | 1 Chaos-mesh | 1 Chaos-mesh | 2025-09-17 | 9.8 Critical |
| The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster. | ||||