Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-11 | CVE-2017-18377 | Command Injection vulnerability in Goahead Wireless IP Camera Wificam Firmware An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. | 9.8 |
| 2019-06-11 | CVE-2016-10760 | Command Injection vulnerability in Seowonintech products On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell metacharacters in the ping_ipaddr parameter. | 9.8 |
| 2019-06-11 | CVE-2013-7471 | Command Injection vulnerability in Dlink products An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. | 9.8 |
| 2019-06-11 | CVE-2010-5330 | Command Injection vulnerability in UI Airos On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. | 9.8 |
| 2019-06-11 | CVE-2009-5157 | Command Injection vulnerability in Linksys Wag54G2 Firmware 1.00.10 On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable. | 8.8 |
| 2019-06-11 | CVE-2009-5156 | Command Injection vulnerability in Veracomp Asmax Ar-804Gu Firmware 66.34.1 An issue was discovered on ASMAX AR-804gu 66.34.1 devices. | 9.8 |
| 2019-06-10 | CVE-2019-12786 | Command Injection vulnerability in Dlink Dir-818Lw Firmware 2.05.B03/2.06B01 An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. | 8.8 |
| 2019-06-07 | CVE-2018-19451 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. | 7.8 |
| 2019-06-07 | CVE-2018-20523 | Command Injection vulnerability in MI products Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. | 5.3 |
| 2019-06-05 | CVE-2019-5390 | Command Injection vulnerability in HP Intelligent Management Center A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.8 |