Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-04-23 CVE-2017-18736 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8
2020-04-23 CVE-2017-18735 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8
2020-04-23 CVE-2017-18734 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8
2020-04-22 CVE-2020-7489 Injection vulnerability in Schneider-Electric products
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification).
network
low complexity
schneider-electric CWE-74
critical
 9.8
9.8
2020-04-22 CVE-2017-18754 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-74
6.8
6.8
2020-04-22 CVE-2018-21123 Injection vulnerability in Netgear Wc7500 Firmware, Wc7520 Firmware and Wc7600 Firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8
2020-04-22 CVE-2018-21119 Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-74
6.8
6.8
2020-04-22 CVE-2017-18767 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-74
6.8
6.8
2020-04-22 CVE-2017-18764 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8
2020-04-22 CVE-2017-18762 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-74
8.8
8.8