Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-04 | CVE-2023-38941 | Command Injection vulnerability in Ehco1996 Django-Sspanel 2022.2.2 django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post. | 9.8 |
2023-08-03 | CVE-2023-38942 | Command Injection vulnerability in Dango Dango-Translator 4.5.5 Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json. | 9.8 |
2023-08-03 | CVE-2023-4120 | Command Injection vulnerability in Byzoro Smart S85F A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. | 9.8 |
2023-08-03 | CVE-2023-37679 | Command Injection vulnerability in Nextgen Mirth Connect 4.3.0 A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server. | 9.8 |
2023-08-02 | CVE-2023-26317 | Command Injection vulnerability in MI Xiaomi Router Firmware A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. | 9.8 |
2023-08-02 | CVE-2023-26430 | Command Injection vulnerability in Open-Xchange Appsuite Backend 7.10.6/8.10.0 Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. | 4.3 |
2023-08-01 | CVE-2023-3739 | Command Injection vulnerability in Google Chrome Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. | 6.3 |
2023-08-01 | CVE-2023-31429 | Command Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | 5.5 |
2023-08-01 | CVE-2023-3718 | Command Injection vulnerability in HPE Arubaos-Cx 10.10.0000/10.10.1020/10.10.1030 An authenticated command injection vulnerability exists in the AOS-CX command line interface. | 8.8 |
2023-08-01 | CVE-2022-39986 | Command Injection vulnerability in Raspap A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. | 9.8 |