Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-6534 Command Injection vulnerability in Opmantek Network Management Information System 4.3.6F/8.5.10G
Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script.
network
high complexity
opmantek CWE-77
7.5
7.5
2017-04-10 CVE-2016-5067 Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
network
low complexity
sierrawireless CWE-77
8.8
8.8
2017-04-10 CVE-2016-5065 Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
network
low complexity
sierrawireless CWE-77
critical
 9.8
9.8
2017-04-03 CVE-2016-10312 Command Injection vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.
network
low complexity
jensenofscandinavia CWE-77
critical
 9.8
9.8
2017-04-02 CVE-2016-8801 Command Injection vulnerability in Huawei Oceanstor 5600 V3 Firmware V300R003C00/V300R003C00C10
Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command's parameters, and run this injected command with root privilege.
network
low complexity
huawei CWE-77
7.2
7.2
2017-03-31 CVE-2014-9114 Command Injection vulnerability in multiple products
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
local
low complexity
opensuse fedoraproject kernel CWE-77
7.8
7.8
2017-03-31 CVE-2014-5009 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
 9.8
9.8
2017-03-31 CVE-2014-5008 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat debian CWE-77
critical
 9.8
9.8
2017-03-31 CVE-2008-7313 Command Injection vulnerability in multiple products
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
 9.8
9.8
2017-03-30 CVE-2017-6184 Command Injection vulnerability in Sophos web Appliance
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.
network
low complexity
sophos CWE-77
4.7
4.7