Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-22 | CVE-2023-41031 | Command Injection vulnerability in Juplink Rx4-1500 Firmware Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint. | 8.8 |
2023-09-21 | CVE-2023-43128 | Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11 D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters. | 9.8 |
2023-09-21 | CVE-2023-42810 | Command Injection vulnerability in Systeminformation systeminformation is a System Information Library for Node.JS. | 9.8 |
2023-09-20 | CVE-2023-43137 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points. | 8.8 |
2023-09-20 | CVE-2023-43138 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point. | 8.8 |
2023-09-20 | CVE-2023-43202 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler. | 9.8 |
2023-09-20 | CVE-2023-43204 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50. | 9.8 |
2023-09-20 | CVE-2023-43206 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler. | 9.8 |
2023-09-20 | CVE-2023-43207 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. | 9.8 |
2023-09-20 | CVE-2023-43477 | Command Injection vulnerability in Telstra Arcadyan Lh1000 Firmware The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device. | 8.8 |