Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-10-28 CVE-2023-43322 Command Injection vulnerability in Zpesystems Nodegrid OS
ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to v5.10.3 was discovered to contain a command injection vulnerability via the endpoint /v1/system/toolkit/files/.
network
low complexity
zpesystems CWE-77
8.8
8.8
2023-10-27 CVE-2023-45498 Command Injection vulnerability in Vinchin Backup and Recovery
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain a command injection vulnerability.
network
low complexity
vinchin CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46408 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46409 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46410 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46411 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46412 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46413 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46414 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46415 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8