Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.073 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: OS Command Injection

Displaying 1 - 25 results out of 186

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
React Native Community CLI development server - Remote Code Execution CVE-2025-11953	Network Scanner	Nov 18, 2025	Critical(9.8)	Yes
motionEye <= 0.43.1b4 OS Command Injection Vulnerability CVE-2025-60787	Network Scanner	Nov 12, 2025	Medium(7.2)	No
Fortinet FortiSIEM - OS Command Injection CVE-2024-23108	Network Scanner	Oct 30, 2025	Critical(10)	No
Enigma NMS < 65.0.0 - Authenticated OS Command Injection CVE-2019-16072	Network Scanner	Oct 24, 2025	Critical(9.8)	No
St. Joe ERP system - SQL Injection CVE-2024-13979	Network Scanner	Oct 19, 2025	Critical(9.8)	No
IPeakCMS 3.5 - SQL Injection CVE-2021-3018	Network Scanner	Oct 16, 2025	Critical(9.8)	No
ASUSTOR ADM 3.1.0.RFQ3 - SQL Injection CVE-2018-11511	Network Scanner	Oct 6, 2025	Critical(9.8)	No
Dell UnityVSA < 5.5 - Remote Command Injection CVE-2025-36604	Network Scanner	Oct 5, 2025	Critical(9.8)	No
Western Digital My Cloud Multiple Products 5.x < 5.31.108 OS Command Injection Vulnerability (WDC-25006) CVE-2025-30247	Network Scanner	Oct 1, 2025	N/A	No
Hoverfly <= 1.11.3 - Remote Code Execution CVE-2025-54123	Network Scanner	Sep 18, 2025	Critical(9.8)	No
FXC AE1021 / AE1021PE <= 2.0.9 OS Command Injection Vulnerability CVE-2023-49897	Network Scanner	Aug 25, 2025	High(8.8)	No
EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution CVE-2025-34035	Network Scanner	Aug 20, 2025	Critical(10)	No
Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` Parameter CVE-2025-34152	Network Scanner	Aug 20, 2025	Critical	No
Fortinet FortiSIEM - OS Command Injection CVE-2025-25256	Network Scanner	Aug 18, 2025	Critical(9.8)	No
Zeroshell 3.9.3 - Command Injection CVE-2020-29390	Network Scanner	Jul 17, 2025	Critical(9.8)	No
Wing FTP Server <= 7.4.3 - Remote Code Execution CVE-2025-47812	Network Scanner	Jul 4, 2025	Critical(9.8)	No
WeiYe-Jing datax-web <= 2.1.2 - OS Command Injection CVE-2023-7116	Network Scanner	Jun 24, 2025	Medium(6.3)	No
Tenda AC15 AC1900 version 15.03.05.19 - Command Injection CVE-2020-10987	Network Scanner	Jun 15, 2025	Critical(9.8)	No
D-Link DIR820LA1_FW105B03 'ping_addr' - OS Command Injection CVE-2023-25280	Network Scanner	Jun 15, 2025	Critical(9.8)	No
Evertz SDVN 3080ipx-10G - Unauthenticated Arbitrary Command Injection CVE-2025-4009	Network Scanner	Jun 13, 2025	Critical(9.3)	No
Avaya Aura Device Services - OS Command Injection CVE-2023-3722	Network Scanner	Jun 12, 2025	High(8.6)	No
Synology BeeStation BST150-4T - Unauthenticated Command Injection CVE-2024-10443	Network Scanner	Jun 12, 2025	Critical(9.8)	No
FLIR AX8 1.46.16 - Remote Command Injection CVE-2022-37061	Network Scanner	Jun 3, 2025	Critical(9.8)	No
MeteoBridge <= 6.1 - Remote Code Execution CVE-2025-4008	Network Scanner	May 31, 2025	High(7.5)	No
Palo Alto Networks Expedition - OS Command Injection CVE-2025-0107	Network Scanner	May 31, 2025	Critical(9.8)	No