Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-17 | CVE-2018-15356 | Command Injection vulnerability in Eltex Esp-200 Firmware 1.2.0 An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0. | 8.8 |
| 2018-08-13 | CVE-2018-0714 | Command Injection vulnerability in Qnap Helpdesk Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application. | 9.8 |
| 2018-07-31 | CVE-2016-8628 | Command Injection vulnerability in Redhat Ansible Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. | 9.1 |
| 2018-07-18 | CVE-2018-0351 | Command Injection vulnerability in Cisco products A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2018-07-18 | CVE-2018-0350 | Command Injection vulnerability in Cisco products A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 8.8 |
| 2018-07-18 | CVE-2018-0347 | Command Injection vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2018-07-18 | CVE-2018-0344 | Command Injection vulnerability in Cisco products A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. | 7.2 |
| 2018-07-13 | CVE-2016-6558 | Command Injection vulnerability in Asus products A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. | 9.8 |
| 2018-07-11 | CVE-2018-8306 | Command Injection vulnerability in Microsoft Wireless Display Adapter Firmware 2.0.8350/2.0.8365/2.0.8372 A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software. | 5.5 |
| 2018-07-03 | CVE-2018-7785 | Command Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass. | 9.8 |