Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2024-24321 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb05 An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. | 9.8 |
| 2024-02-08 | CVE-2024-24216 | Command Injection vulnerability in Easycorp Zentao Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via the checkConnection method of /app/zentao/module/repo/model.php. | 9.8 |
| 2024-02-05 | CVE-2024-23049 | Command Injection vulnerability in B3Log Symphony An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component. | 9.8 |
| 2024-02-02 | CVE-2023-41283 | Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-02-02 | CVE-2023-45025 | Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 9.8 |
| 2024-02-02 | CVE-2023-47562 | Command Injection vulnerability in Qnap Photo Station 6.4.0 An OS command injection vulnerability has been reported to affect Photo Station. | 8.8 |
| 2024-02-02 | CVE-2024-22107 | Command Injection vulnerability in Gttb GTB Central Console 15.17.130814.Ng An issue was discovered in GTB Central Console 15.17.1-30814.NG. | 7.2 |
| 2024-02-02 | CVE-2024-22900 | Command Injection vulnerability in Vinchin Backup and Recovery Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function. | 8.8 |
| 2024-02-02 | CVE-2024-22903 | Command Injection vulnerability in Vinchin Backup and Recovery Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function. | 8.8 |
| 2024-02-01 | CVE-2024-0325 | Command Injection vulnerability in Perforce Helix Sync In Helix Sync versions prior to 2024.1, a local command injection was identified. | 7.8 |