All CosmicBytez Labs articles tagged #OS Command Injection, across news, security advisories, how-to guides, and projects.
A CVSS 9.8 critical OS command injection vulnerability in the Comfast CF-WR631AX V3 router allows unauthenticated network-adjacent attackers to execute arbitrary commands via a manipulated filename argument in the FastCGI backend webmgnt binary.
A high-severity OS command injection vulnerability in Dell PowerProtect Data Domain allows authenticated remote attackers to execute arbitrary commands...
A high-severity OS command injection flaw in Dell Display and Peripheral Manager for macOS (versions prior to 2.3) allows low-privileged local attackers...
Critical OS command injection in Fortra Core Privileged Access Manager allows unauthenticated remote code execution via the boks_autoregisterd service at...
A maximum-severity OS command injection vulnerability in Ivanti Sentry allows unauthenticated remote attackers to achieve root-level code execution. Patch...
A CVSS 9.8 OS command injection vulnerability in openlabs docker-wkhtmltopdf-aas allows unauthenticated remote code execution via a crafted POST request to…
A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...
OS command injection (CVSS 9.1) in Perl's HTTP::Daemon lets attackers run arbitrary commands via magic prefix abuse in send_file's two-arg open().
Dokploy versions 0.26.6 and below contain a critical OS command injection vulnerability in the appName parameter, enabling unauthenticated remote code...
A critical OS command injection flaw in Universal Robots PolyScope Dashboard Server (CVSS 9.8) allows unauthenticated attackers to execute arbitrary...
A critical OS command injection vulnerability in the Totolink A8000RU router allows remote attackers to execute arbitrary commands by manipulating the...
A critical unauthenticated OS command injection vulnerability in the Totolink A8000RU router firmware 7.1cu.643_b20200521 allows remote attackers to...
A critical OS command injection vulnerability in NewSoftOA by NewSoft allows unauthenticated local attackers to inject and execute arbitrary OS commands...
A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...
A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...
The command auto-approval module in Axon Code contains an OS Command Injection vulnerability. An incompatible Unix-based shell-quote parser is used on...
A critical chain of vulnerabilities in WWBN AVideo's CloneSite plugin allows fully unauthenticated attackers to achieve remote code execution via key...
A high-severity OS command injection vulnerability (CVSS 9.1) in the Angeet ES3 KVM switch allows authenticated attackers to execute arbitrary OS-level...