Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-11046 | Command Injection vulnerability in Dlink Di-8003 Firmware 16.07.16A1 A vulnerability was found in D-Link DI-8003 16.07.16A1. | 9.8 |
| 2024-11-05 | CVE-2024-9579 | Command Injection vulnerability in HP products A potential vulnerability was discovered in certain Poly video conferencing devices. | 7.5 |
| 2024-11-02 | CVE-2024-10697 | Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.19 A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. | 9.8 |
| 2024-10-29 | CVE-2024-41153 | Command Injection vulnerability in Hitachienergy Tro610 Firmware, Tro620 Firmware and Tro670 Firmware Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. | 7.2 |
| 2024-10-27 | CVE-2024-10428 | Command Injection vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 7.2 |
| 2024-10-27 | CVE-2024-10429 | Command Injection vulnerability in Wavlink products A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. | 7.2 |
| 2024-10-20 | CVE-2024-10193 | Command Injection vulnerability in Wavlink products A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. | 7.2 |
| 2024-10-19 | CVE-2024-10131 | Command Injection vulnerability in Infiniflow Ragflow 0.11.0 The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. | 8.8 |
| 2024-10-18 | CVE-2024-9264 | Command Injection vulnerability in Grafana 11.0.0 The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. | 8.8 |
| 2024-10-14 | CVE-2024-35518 | Command Injection vulnerability in Netgear Ex6120 Firmware Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. | 6.8 |