Total
2965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-65946 | 1 Roocode | 1 Roo Code | 2025-12-04 | N/A | 8.1 HIGH |
| Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Prior to version 3.26.7, Due to an error in validation it was possible for Roo to automatically execute commands that did not match the allow list prefixes. This issue has been patched in version 3.26.7. | |||||
| CVE-2025-37163 | 1 Arubanetworks | 1 Airwave | 2025-12-03 | N/A | 7.2 HIGH |
| A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system. | |||||
| CVE-2025-13562 | 1 Dlink | 2 Dir-852, Dir-852 Firmware | 2025-11-26 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-6945 | 1 Gitlab | 1 Gitlab | 2025-11-20 | N/A | 3.5 LOW |
| GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to leak sensitive information from confidential issues by injecting hidden prompts into merge request comments. | |||||
| CVE-2025-63749 | 1 Pnetlab | 1 Pnetlab | 2025-11-20 | N/A | 6.5 MEDIUM |
| pnetlab 5.3.11 is vulnerable to Command Injection via the qemu_options parameter. | |||||
| CVE-2025-11335 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 5.8 MEDIUM | 4.7 MEDIUM |
| A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-11407 | 1 Dlink | 2 Di-7001mini-8g, Di-7001mini-8g Firmware | 2025-11-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-63258 | 2025-11-19 | N/A | 6.5 MEDIUM | ||
| A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points (versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS, WAP662-WPT330-R2262, WAP662H-WPT330-R2262, USG300V2-WPT330-R2129, MSG300-WPT330-R1350, and MSG326-WPT330-R2129). Attackers are able to exploit this vulnerability via injecting crafted commands into the sessionid parameter. | |||||
| CVE-2025-37162 | 2025-11-19 | N/A | 6.5 MEDIUM | ||
| A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2025-60687 | 1 Totolink | 2 Lr1200gb, Lr1200gb Firmware | 2025-11-19 | N/A | 6.5 MEDIUM |
| An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binary (sub_41EC68 function). The binary reads the "imei" parameter from a web request and verifies only that it is 15 characters long. The parameter is then directly inserted into a system command using sprintf() and executed with system(). Maliciously crafted IMEI input can execute arbitrary commands on the router without authentication. | |||||
| CVE-2025-60689 | 1 Linksys | 2 E1200, E1200 Firmware | 2025-11-19 | N/A | 5.4 MEDIUM |
| An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The vulnerability occurs because user-supplied CGI parameters (wl_ant, wl_ssid, wl_rate, ttcp_num, ttcp_ip, ttcp_size) are concatenated into system command strings without proper sanitization and executed via wl_exec_cmd. Successful exploitation allows remote attackers to execute arbitrary commands on the device without authentication. | |||||
| CVE-2016-2002 | 1 Opentext | 1 Vertica | 2025-11-19 | 10.0 HIGH | 9.8 CRITICAL |
| The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417. | |||||
| CVE-2024-3566 | 7 Golang, Haskell, Microsoft and 4 more | 7 Go, Process Library, Windows and 4 more | 2025-11-18 | N/A | 9.8 CRITICAL |
| A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied. | |||||
| CVE-2025-60702 | 1 Totolink | 2 A950rg, A950rg Firmware | 2025-11-18 | N/A | 6.5 MEDIUM |
| A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input via `websGetVar` and concatenates it directly into a `ping` system command executed via `CsteSystem()` without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. | |||||
| CVE-2025-60682 | 1 Totolink | 2 A720r, A720r Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specifically in the sub_402414 function that handles cloud update parameters. User-supplied 'magicid' and 'url' values are directly concatenated into shell commands and executed via system() without any sanitization or escaping. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device. | |||||
| CVE-2025-60683 | 1 Totolink | 2 A720r, A720r Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4 function that handles network interface reinitialization from '/var/system/linux_vlan_reinit'. Input is only partially validated by checking the prefix of interface names, and is concatenated into shell commands executed via system() without escaping. An attacker with write access to this file can execute arbitrary commands on the device. | |||||
| CVE-2025-57685 | 2025-11-17 | N/A | 8.8 HIGH | ||
| The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set_serial_cfg interface to gain the highest level of device privileges without authorization, enabling them to remotely execute malicious commands. | |||||
| CVE-2025-60675 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-11-17 | N/A | 5.4 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenated into command strings and executed via system() without any sanitization. An attacker with write access to /tmp/new_qos.rule can execute arbitrary commands on the device. | |||||
| CVE-2025-60671 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-11-17 | N/A | 5.4 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit file. The vulnerability occurs because content read from this file is only partially validated for a prefix and then formatted using vsnprintf() before being executed with system(), allowing an attacker with write access to /var/system/linux_vlan_reinit to execute arbitrary commands on the device. | |||||
| CVE-2025-60672 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to construct system commands executed via twsystem(). An attacker can exploit this vulnerability remotely without authentication by sending a specially crafted HTTP request, leading to arbitrary command execution on the device. | |||||