Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-48791 | Command Injection vulnerability in Fortinet Fortiportal An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, version 7.0.6 and below may allow a remote authenticated attacker with at least R/W permission to execute unauthorized commands via specifically crafted arguments in the Schedule System Backup page field. | 8.8 |
| 2023-12-13 | CVE-2023-47576 | Command Injection vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. | 8.8 |
| 2023-12-12 | CVE-2013-2513 | Command Injection vulnerability in Milboj Flash Tool 0.5.0/0.6.0 The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. | 9.8 |
| 2023-12-12 | CVE-2023-49587 | Command Injection vulnerability in SAP Solution Manager 720 SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network. | 6.4 |
| 2023-12-07 | CVE-2023-40301 | Command Injection vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0 NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability. | 9.8 |
| 2023-12-07 | CVE-2023-49431 | Command Injection vulnerability in Tenda AX9 Firmware 22.03.01.46 Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | 9.8 |
| 2023-12-07 | CVE-2023-49435 | Command Injection vulnerability in Tenda AX9 Firmware 22.03.01.46 Tenda AX9 V22.03.01.46 is vulnerable to command injection. | 9.8 |
| 2023-12-07 | CVE-2023-49436 | Command Injection vulnerability in Tenda AX9 Firmware 22.03.01.46 Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. | 9.8 |
| 2023-12-07 | CVE-2023-49428 | Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.46 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | 9.8 |
| 2023-12-07 | CVE-2023-49437 | Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.46 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. | 9.8 |