MITRE ATT&CK Mapping

Cisco Advisories Vulnerability Disclosure Cisco May 6

Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based att...

T1059

Cisco Advisories →

Exploit Database General Apr 30

[webapps] Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection

Cybersecurity AI (CAI) Framework 0.5.

T1059

Exploit Database →

Exploit Database General Apr 29

[local] Atlona ATOMERX21 - Authenticated Command Injection

Atlona ATOMERX21 - Authenticated Command Injection

T1059

Exploit Database →

The Hacker News CVE GitHub Apr 28

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...

T1190 T1059 1 IOC

The Hacker News →

CISA Advisories CVE Apr 24

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

T1059 4 IOCs

CISA Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Apr 22

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker ...

T1190 T1059

Cisco Advisories →

Zero Day Initiative CVE Amazon Apr 21

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit t...

T1190 T1059 1 IOC

Zero Day Initiative →

Infosecurity Magazine CVE Apr 20

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices

T1059 1 IOC

Infosecurity Magazine →

Unit 42 CVE Apr 16

A Deep Dive Into Attempted Exploitation of CVE-2023-33538

CVE-2023-33538 allows for command injection in TP-Link routers. We discuss exploitation attempts with payloads characteristic of Mirai botnet malware.

T1059 1 IOC

Unit 42 →

Cisco Advisories Vulnerability Disclosure Cisco Apr 15

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local att...

T1059 T1548

Cisco Advisories →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-275: Microsoft Qlib _mount_nfs_uri Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Qlib. Authentication is not required to...

T1190 T1059

Zero Day Initiative →

Exploit Database General Apr 10

[webapps] D-Link DIR-650IN - Authenticated Command Injection

D-Link DIR-650IN - Authenticated Command Injection

T1059

Exploit Database →

Zero Day Initiative CVE Microsoft Apr 2

ZDI-26-253: Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio Code. User interaction is required ...

T1190 T1059 1 IOC

Zero Day Initiative →

Cisco Advisories Vulnerability Disclosure Cisco Mar 31

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to...

T1059

Cisco Advisories →

Zero Day Initiative CVE Amazon Mar 30

ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit t...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Mar 24

ZDI-26-226: (0Day) Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit ...

T1190 T1059

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-197: (Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is ...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 25

ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of claude-hovercraft. Authentication is not required to exploi...

T1190 T1059 1 IOC

Zero Day Initiative →