Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-18 | CVE-2023-33831 | Command Injection vulnerability in Frangoteam Fuxa 1.1.13 A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. | 9.8 |
| 2023-09-18 | CVE-2023-34999 | Command Injection vulnerability in Bosch RTS Vlink Virtual Matrix 5.0.0/6.0.0 A command injection vulnerability exists in RTS VLink Virtual Matrix Software Versions v5 (< 5.7.6) and v6 (< 6.5.0) that allows an attacker to perform arbitrary code execution via the admin web interface. | 7.2 |
| 2023-09-14 | CVE-2023-39638 | Command Injection vulnerability in Dlink Dir-859 A1 Firmware 1.05/1.06 D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin. | 9.8 |
| 2023-09-14 | CVE-2023-41011 | Command Injection vulnerability in Chinamobile Intelligent Home Gateway Firmware Hg6543C4 Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcut_telnet.cg component. | 9.8 |
| 2023-09-12 | CVE-2023-3710 | Command Injection vulnerability in Honeywell Pm43 Firmware Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 9.8 |
| 2023-09-12 | CVE-2023-39637 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. | 9.8 |
| 2023-09-11 | CVE-2023-38829 | Command Injection vulnerability in Netis-Systems Wf2409E Firmware 3.6.42541 An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. | 8.8 |
| 2023-09-11 | CVE-2023-39780 | Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection vulnerability. | 8.8 |
| 2023-09-05 | CVE-2023-4310 | Command Injection vulnerability in Beyondtrust Privileged Remote Access and Remote Support BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. | 9.8 |
| 2023-08-28 | CVE-2023-38027 | Command Injection vulnerability in Myspotcam Sense Firmware SpotCam Co., Ltd. | 9.8 |