Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-11-14 | CVE-2019-18647 | Command Injection vulnerability in Untangle NG Firewall 14.2.0 The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. | 7.2 |
| 2019-11-13 | CVE-2019-9467 | Command Injection vulnerability in Google Android In the Bootloader, there is a possible kernel command injection due to missing command sanitization. | 6.7 |
| 2019-11-05 | CVE-2019-18780 | Command Injection vulnerability in Veritas products An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. | 9.8 |
| 2019-11-04 | CVE-2018-19031 | Command Injection vulnerability in 360 products A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. | 8.8 |
| 2019-10-31 | CVE-2019-3421 | Command Injection vulnerability in ZTW Zx297520V3 Firmware 7520V3V1.0.0B09P27 The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. | 8.0 |
| 2019-10-30 | CVE-2018-16417 | Command Injection vulnerability in multiple products Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. | 7.5 |
| 2019-10-28 | CVE-2019-18188 | Command Injection vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). | 7.5 |
| 2019-10-25 | CVE-2019-8088 | Command Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. | 9.8 |