CVE-2023-44092

HIGH Year: 2023
CVSS v3 Score
7.6
High
Weakness Type
CWE-78
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Pandora FMS on all allows OS Command Injection. This vulnerability allowed to create a reverse shell and execute commands in the OS. This issue affects Pandora FMS: from 700 through <776.

Related Vulnerabilities

CVE-2018-21099

HIGH
CVSS:7.6(High)

NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.

CWE-782018

CVE-2018-21100

HIGH
CVSS:7.6(High)

NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.

CWE-782018

CVE-2018-3890

HIGH
CVSS:7.6(High)

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resultin...

CWE-782018

CVE-2024-2243

HIGH
CVSS:7.6(High)

A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid Kerberos ticket) can use the vulnerability to disclose the confidential Snyk authentication token and t...

CWE-782024

CVE-2024-39202

HIGH
CVSS:7.6(High)

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings.

CWE-782024

CVE-2016-0634

HIGH
CVSS:7.5(High)

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

CWE-782016