Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-50983 | Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5 Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. | 9.8 |
| 2023-12-20 | CVE-2023-50989 | Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5 Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. | 9.8 |
| 2023-12-18 | CVE-2023-39509 | Command Injection vulnerability in Bosch Cpp13 Firmware and Cpp14 Firmware A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. | 7.2 |
| 2023-12-15 | CVE-2023-50089 | Command Injection vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. | 9.8 |
| 2023-12-15 | CVE-2023-50917 | Command Injection vulnerability in Mjdm Majordomo MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. | 9.8 |
| 2023-12-14 | CVE-2023-25643 | Command Injection vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware There is a command injection vulnerability in some ZTE mobile internet products. | 8.8 |
| 2023-12-13 | CVE-2023-48791 | Command Injection vulnerability in Fortinet Fortiportal An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, version 7.0.6 and below may allow a remote authenticated attacker with at least R/W permission to execute unauthorized commands via specifically crafted arguments in the Schedule System Backup page field. | 8.8 |
| 2023-12-13 | CVE-2023-47576 | Command Injection vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. | 8.8 |
| 2023-12-12 | CVE-2013-2513 | Command Injection vulnerability in Milboj Flash Tool 0.5.0/0.6.0 The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. | 9.8 |
| 2023-12-12 | CVE-2023-49587 | Command Injection vulnerability in SAP Solution Manager 720 SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network. | 6.4 |