Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-01-31 CVE-2024-23745 Command Injection vulnerability in Notion web Clipper 1.0.3(7)
In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack.
network
low complexity
notion CWE-77
critical
9.8
2024-01-30 CVE-2024-21488 Command Injection vulnerability in Forkhq Network
Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization.
network
low complexity
forkhq CWE-77
critical
9.8
2024-01-26 CVE-2024-0919 Command Injection vulnerability in Trendnet Tew-815Dap Firmware 1.0.2.0
A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0.
network
low complexity
trendnet CWE-77
7.2
2024-01-26 CVE-2024-0920 Command Injection vulnerability in Trendnet Tew-822Dre Firmware 1.03B02
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02.
network
low complexity
trendnet CWE-77
7.2
2024-01-26 CVE-2024-22545 Command Injection vulnerability in Trendnet Tew-824Dru Firmware 1.04B01
An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function.
local
low complexity
trendnet CWE-77
7.8
2024-01-26 CVE-2024-23624 Command Injection vulnerability in Dlink Dap-1650 Firmware
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices.
network
low complexity
dlink CWE-77
critical
9.8
2024-01-26 CVE-2024-23625 Command Injection vulnerability in Dlink Dap-1650 Firmware
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages.
network
low complexity
dlink CWE-77
critical
9.8
2024-01-26 CVE-2024-23626 Command Injection vulnerability in Motorola Mr2600 Firmware
A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600.
network
low complexity
motorola CWE-77
8.8
2024-01-26 CVE-2024-23627 Command Injection vulnerability in Motorola Mr2600 Firmware
A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600.
network
low complexity
motorola CWE-77
8.8
2024-01-26 CVE-2024-23628 Command Injection vulnerability in Motorola Mr2600 Firmware
A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600.
network
low complexity
motorola CWE-77
8.8