Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
18 articles

#OS Command Injection

All CosmicBytez Labs articles tagged #OS Command Injection, across news, security advisories, how-to guides, and projects.

  • SecurityJul 13, 2026

    CVE-2026-15511: Critical OS Command Injection in Comfast CF-WR631AX Router

    A CVSS 9.8 critical OS command injection vulnerability in the Comfast CF-WR631AX V3 router allows unauthenticated network-adjacent attackers to execute arbitrary commands via a manipulated filename argument in the FastCGI backend webmgnt binary.

  • SecurityJul 4, 2026

    CVE-2026-49814: Dell PowerProtect Data Domain OS Command Injection

    A high-severity OS command injection vulnerability in Dell PowerProtect Data Domain allows authenticated remote attackers to execute arbitrary commands...

  • SecurityJun 26, 2026

    CVE-2026-46735: Dell DDPM Mac OS Command Injection Allows Local Privilege Escalation

    A high-severity OS command injection flaw in Dell Display and Peripheral Manager for macOS (versions prior to 2.3) allows low-privileged local attackers...

  • SecurityJun 16, 2026

    CVE-2026-9862: Fortra BoKS OS Command Injection — CVSS 9.8 RCE

    Critical OS command injection in Fortra Core Privileged Access Manager allows unauthenticated remote code execution via the boks_autoregisterd service at...

  • SecurityJun 10, 2026

    CVE-2026-10520: Ivanti Sentry OS Command Injection — CVSS 10.0

    A maximum-severity OS command injection vulnerability in Ivanti Sentry allows unauthenticated remote attackers to achieve root-level code execution. Patch...

  • SecurityJun 4, 2026

    CVE-2026-36576: Critical OS Command Injection in docker-wkhtmltopdf-aas

    A CVSS 9.8 OS command injection vulnerability in openlabs docker-wkhtmltopdf-aas allows unauthenticated remote code execution via a crafted POST request to…

  • SecurityMay 29, 2026

    CVE-2026-4408: Samba OS Command Injection via Check Password Script

    A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...

  • SecurityMay 27, 2026

    CVE-2026-8450: HTTP::Daemon Perl OS Command Injection via send_file()

    OS command injection (CVSS 9.1) in Perl's HTTP::Daemon lets attackers run arbitrary commands via magic prefix abuse in send_file's two-arg open().

  • SecurityMay 19, 2026

    CVE-2026-27130 — Dokploy OS Command Injection via appName

    Dokploy versions 0.26.6 and below contain a critical OS command injection vulnerability in the appName parameter, enabling unauthenticated remote code...

  • SecurityMay 9, 2026

    CVE-2026-8153: Universal Robots PolyScope OS Command

    A critical OS command injection flaw in Universal Robots PolyScope Dashboard Server (CVSS 9.8) allows unauthenticated attackers to execute arbitrary...

  • SecurityApr 28, 2026

    CVE-2026-7136: Totolink A8000RU OS Command Injection via setDmzCfg

    A critical OS command injection vulnerability in the Totolink A8000RU router allows remote attackers to execute arbitrary commands by manipulating the...

  • SecurityApr 28, 2026

    CVE-2026-7154: Totolink A8000RU OS Command Injection via CGI Handler

    A critical unauthenticated OS command injection vulnerability in the Totolink A8000RU router firmware 7.1cu.643_b20200521 allows remote attackers to...

  • SecurityApr 21, 2026

    CVE-2026-5965: NewSoftOA Critical OS Command Injection

    A critical OS command injection vulnerability in NewSoftOA by NewSoft allows unauthenticated local attackers to inject and execute arbitrary OS commands...

  • SecurityApr 10, 2026

    CVE-2026-5977: TOTOLINK A7100RU Critical OS Command

    A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...

  • SecurityApr 10, 2026

    CVE-2026-5978: TOTOLINK A7100RU Critical OS Command

    A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...

  • SecurityMar 28, 2026

    CVE-2026-30303 — Axon Code OS Command Injection via Whitelist Bypass

    The command auto-approval module in Axon Code contains an OS Command Injection vulnerability. An incompatible Unix-based shell-quote parser is used on...

  • SecurityMar 24, 2026

    CVE-2026-33478: AVideo CloneSite Plugin Unauthenticated RCE

    A critical chain of vulnerabilities in WWBN AVideo's CloneSite plugin allows fully unauthenticated attackers to achieve remote code execution via key...

  • SecurityMar 18, 2026

    CVE-2026-32298: Angeet ES3 KVM OS Command Injection via cfg.lua Script

    A high-severity OS command injection vulnerability (CVSS 9.1) in the Angeet ES3 KVM switch allows authenticated attackers to execute arbitrary OS-level...