Standardlikelihood: Highseverity: HighDraft
CAPEC-15Command Delimiters
Abstraction
Standard
Status
Draft
Likelihood
High
Severity
High
Description
An attack of this type exploits a programs' vulnerabilities that allows an attacker's commands to be concatenated onto a legitimate command with the intent of targeting other resources such as the file system or database. The system that uses a filter or denylist input validation, as opposed to allowlist validation is vulnerable to an attacker who predicts delimiters (or combinations of delimiters) not present in the filter or denylist. As with other injection attacks, the attacker uses the command delimiter payload as an entry point to tunnel through the application and activate additional attacks through SQL queries, shell commands, network scanning, and so on.
Related weaknesses· 11
Related attack patterns· 1
Exploits11
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Improper Neutralization of Special Elements used in a Command ('Command Injection')cwe-77 | 100% | live |
| Weakness | Improper Neutralization of Variable Name Delimiterscwe-154 | 100% | live |
| Weakness | Improper Neutralization of CRLF Sequences ('CRLF Injection')cwe-93 | 100% | live |
| Weakness | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')cwe-78 | 100% | live |
| Weakness | Improper Neutralization of Special Elementscwe-138 | 100% | live |
| Weakness | Failure to Sanitize Paired Delimiterscwe-157 | 100% | live |
| Weakness | Incorrect Regular Expressioncwe-185 | 100% | live |
| Weakness | Improper Neutralization of Expression/Command Delimiterscwe-146 | 100% | live |
| Weakness | Incomplete List of Disallowed Inputscwe-184 | 100% | live |
| Weakness | Incorrect Comparisoncwe-697 | 100% | live |
| Weakness | Improper Neutralization of Delimiterscwe-140 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.