Total
3153 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66404 | 2 Flux159, Suyogs | 2 Mcp-server-kubernetes, Mcp-server-kubernetes | 2025-12-16 | 6.4 Medium |
| MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8. | ||||
| CVE-2023-20209 | 1 Cisco | 1 Telepresence Video Communication Server | 2025-12-16 | 6.5 Medium |
| A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. | ||||
| CVE-2023-20170 | 1 Cisco | 1 Identity Services Engine | 2025-12-16 | 6 Medium |
| A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root. | ||||
| CVE-2024-22246 | 1 Vmware | 1 Sd-wan Edge | 2025-12-16 | 7.4 High |
| VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router. | ||||
| CVE-2024-25613 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-12-16 | 7.2 High |
| Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | ||||
| CVE-2025-14108 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 8.8 High |
| A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | ||||
| CVE-2025-14107 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 8.8 High |
| A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2_api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safe_dir results in command injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | ||||
| CVE-2025-14106 | 1 Zspace | 2 Q2c Nas, Q2c Nas Firmware | 2025-12-16 | 8.8 High |
| A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released. | ||||
| CVE-2025-11490 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.3 Medium |
| A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." | ||||
| CVE-2025-11491 | 1 Wonderwhy-er | 1 Desktopcommandermcp | 2025-12-12 | 6.3 Medium |
| A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-14485 | 1 Iptime | 1 A3004t | 2025-12-12 | 5 Medium |
| A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm*& causes command injection. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-67511 | 1 Aliasrobotics | 1 Cai | 2025-12-12 | 9.7 Critical |
| Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the run_ssh_command_with_credentials() function, which is available to AI agents. Only password and command inputs are escaped in run_ssh_command_with_credentials to prevent shell injection; while username, host and port values are injectable. This issue does not have a fix at the time of publication. | ||||
| CVE-2025-65363 | 1 Ruijie | 2 Rg-ap720-l, Rg-ap720-l Firmware | 2025-12-12 | 7.2 High |
| Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint. | ||||
| CVE-2025-13797 | 1 Adslr | 2 B-qe2w401, B-qe2w401 Firmware | 2025-12-11 | 6.3 Medium |
| A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swifimac results in command injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-13798 | 1 Adslr | 3 B-qe2w401, B-qe2w401 Firmware, Nbr1005gpev2 | 2025-12-11 | 6.3 Medium |
| A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-13799 | 1 Adslr | 3 B-qe2w401, B-qe2w401 Firmware, Nbr1005gpev2 | 2025-12-11 | 6.3 Medium |
| A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-13800 | 1 Adslr | 3 B-qe2w401, B-qe2w401 Firmware, Nbr1005gpev2 | 2025-12-11 | 6.3 Medium |
| A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6257 | 1 Hashicorp | 1 Go-getter | 2025-12-11 | 8.4 High |
| HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. | ||||
| CVE-2025-14225 | 2 D-link, Dlink | 3 Dcs-930l, Dcs-930l, Dcs-930l Firmware | 2025-12-11 | 6.3 Medium |
| A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-47218 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-12-10 | 5.8 Medium |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | ||||