Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-02 | CVE-2023-43891 | Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. | 9.8 |
| 2023-09-28 | CVE-2023-26145 | Command Injection vulnerability in Derrickgilland Pydash This affects versions of the package pydash before 6.0.0. | 8.1 |
| 2023-09-25 | CVE-2023-41303 | Command Injection vulnerability in Huawei Emui and Harmonyos Command injection vulnerability in the distributed file system module. | 7.5 |
| 2023-09-22 | CVE-2023-41029 | Command Injection vulnerability in Juplink Rx4-1500 Firmware Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint. | 8.8 |
| 2023-09-22 | CVE-2023-41031 | Command Injection vulnerability in Juplink Rx4-1500 Firmware Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint. | 8.8 |
| 2023-09-21 | CVE-2023-43128 | Command Injection vulnerability in Dlink Dir-806 Firmware 100Cnb11 D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters. | 9.8 |
| 2023-09-20 | CVE-2023-43137 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points. | 8.8 |
| 2023-09-20 | CVE-2023-43138 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point. | 8.8 |
| 2023-09-20 | CVE-2023-43202 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler. | 9.8 |
| 2023-09-20 | CVE-2023-43204 | Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50. | 9.8 |