Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-51016 | Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51707 | Command Injection vulnerability in Arraynetworks Arrayos AG MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. | 9.8 |
| 2023-12-20 | CVE-2023-50983 | Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5 Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. | 9.8 |
| 2023-12-20 | CVE-2023-50989 | Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5 Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. | 9.8 |
| 2023-12-19 | CVE-2023-6940 | Command Injection vulnerability in Lfprojects Mlflow with only one user interaction(download a malicious config), attackers can gain full command execution on the victim system. | 8.8 |
| 2023-12-18 | CVE-2023-39509 | Command Injection vulnerability in Bosch Cpp13 Firmware and Cpp14 Firmware A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. | 7.2 |
| 2023-12-16 | CVE-2023-6848 | Command Injection vulnerability in Kodcloud Kodbox A vulnerability was found in kalcaddle kodbox up to 1.48. | 9.8 |
| 2023-12-15 | CVE-2023-50089 | Command Injection vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. | 9.8 |
| 2023-12-15 | CVE-2023-50917 | Command Injection vulnerability in Mjdm Majordomo MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. | 9.8 |
| 2023-12-15 | CVE-2023-49898 | Command Injection vulnerability in Apache Streampark 2.0.0/2.1.0/2.1.1 In streampark, there is a project module that integrates Maven's compilation capability. | 7.2 |