Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-08 | CVE-2024-25639 | Command Injection vulnerability in Khoj Khoj is an application that creates personal AI agents. | 7.5 |
| 2024-06-25 | CVE-2024-4884 | Command Injection vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole privileges. | 9.8 |
| 2024-06-25 | CVE-2024-4639 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. | 8.8 |
| 2024-06-25 | CVE-2024-4638 | Command Injection vulnerability in Moxa products OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. | 8.8 |
| 2024-06-09 | CVE-2024-37569 | Command Injection vulnerability in Mitel 6869I SIP Firmware An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. | 8.8 |
| 2024-06-09 | CVE-2024-37570 | Command Injection vulnerability in Mitel 6869I SIP Firmware 4.5.0.41 On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform sanitization on the username and path parameters (sent by an authenticated user) before appending flags to the busybox ftpget command. | 8.8 |
| 2024-06-06 | CVE-2024-30368 | Command Injection vulnerability in A10Networks Advanced Core Operating System A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-06-04 | CVE-2024-36604 | Command Injection vulnerability in Tenda O3 Firmware 1.0.0.12(3880) Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. | 9.8 |
| 2024-05-15 | CVE-2023-6321 | Command Injection vulnerability in multiple products A command injection vulnerability exists in the IOCTL that manages OTA updates. | 8.8 |
| 2024-05-14 | CVE-2024-34352 | Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 7.5 |