{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6898?format=json","vulnerability_id":"VCID-281m-dkqs-rfbe","summary":"EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access.","aliases":[{"alias":" MNDT-2025-0001"}],"fixed_packages":[],"affected_packages":[],"references":[],"weaknesses":[{"cwe_id":77,"name":"Improper Neutralization of Special Elements used in a Command ('Command Injection')","description":"The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-281m-dkqs-rfbe"}