Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0007 | Command Injection vulnerability in Juniper Junos An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. | 9.8 |
| 2017-12-11 | CVE-2017-15940 | Command Injection vulnerability in Paloaltonetworks Pan-Os The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-12-04 | CVE-2017-15889 | Command Injection vulnerability in Synology Diskstation Manager Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. | 8.8 |
| 2017-11-30 | CVE-2017-12352 | Command Injection vulnerability in Cisco Application Policy Infrastructure Controller 2.3(1F) A vulnerability in certain system script files that are installed at boot time on Cisco Application Policy Infrastructure Controllers could allow an authenticated, local attacker to gain elevated privileges and execute arbitrary commands with root privileges on an affected host operating system. | 6.7 |
| 2017-11-30 | CVE-2017-12341 | Command Injection vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.7 |
| 2017-11-30 | CVE-2017-12339 | Command Injection vulnerability in Cisco LAN Switch Software and Nx-Os A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 5.7 |
| 2017-11-30 | CVE-2017-12335 | Command Injection vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.3 |
| 2017-11-30 | CVE-2017-12330 | Command Injection vulnerability in Cisco Nx-Os 7.0(0)Hsk(0.357)/8.1(0)Bd(0.20)/8.1(1) A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.3 |
| 2017-11-30 | CVE-2017-12329 | Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 6.3 |
| 2017-11-22 | CVE-2017-8197 | Command Injection vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv) FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerability. | 7.2 |