Total
4312 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18600 | 1 Guardzilla | 4 180 Indoor, 180 Indoor Firmware, 180 Outdoor and 1 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter. | |||||
| CVE-2018-18555 | 1 Vyos | 1 Vyos | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
| A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account. | |||||
| CVE-2018-18472 | 1 Westerndigital | 2 My Book Live, My Book Live Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands, | |||||
| CVE-2018-18322 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter. | |||||
| CVE-2018-17990 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 devices with firmware 1.01. An OS command injection vulnerability in Acl.asp allows a remote authenticated attacker to execute arbitrary OS commands via the ScrIPaddrEndTXT parameter. | |||||
| CVE-2018-17879 | 1 Abus | 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts. | |||||
| CVE-2018-17867 | 1 Dasannetworks | 2 H660gw, H660gw Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field). | |||||
| CVE-2018-17787 | 2 D-link, Dlink | 2 Dir-823g Firmware, Dir-823g | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function. | |||||
| CVE-2018-17707 | 1 Epicgames | 1 Launcher | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Epic Games Launcher versions prior to 8.2.2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handler for the com.epicgames.launcher protocol. A crafted URI with the com.epicgames.launcher protocol can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-7241. | |||||
| CVE-2018-17565 | 1 Grandstream | 12 Gxp1610, Gxp1610 Firmware, Gxp1615 and 9 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell. | |||||
| CVE-2018-17558 | 1 Abus | 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root. | |||||
| CVE-2018-17532 | 1 Teltonika | 6 Rut900, Rut900 Firmware, Rut950 and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges. | |||||
| CVE-2018-17317 | 1 Fruitywifi Project | 1 Fruitywifi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /www/script/config_iface.php, or the newSSID, hostapd_secure, hostapd_wpa_passphrase, or supplicant_ssid parameter to /www/page_config.php. | |||||
| CVE-2018-17228 | 1 Nmap4j Project | 1 Nmap4j | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call. | |||||
| CVE-2018-17208 | 1 Linksys | 2 Velop, Velop Firmware | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). This occurs because shell metacharacters in the query string are mishandled by ShellExecute, as demonstrated by the zbtest.cgi?cmd=level&level= substring. This can also be exploited via CSRF. | |||||
| CVE-2018-17068 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter. | |||||
| CVE-2018-17066 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter. | |||||
| CVE-2018-17064 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked. | |||||
| CVE-2018-17063 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters. | |||||
| CVE-2018-16863 | 2 Artifex, Redhat | 7 Ghostscript, Enterprise Linux Desktop, Enterprise Linux Server and 4 more | 2024-11-21 | 9.3 HIGH | 7.3 HIGH |
| It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. | |||||