Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-37146 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | 9.8 |
| 2023-07-07 | CVE-2023-37148 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function. | 9.8 |
| 2023-07-07 | CVE-2023-37149 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function. | 9.8 |
| 2023-07-06 | CVE-2023-22306 | Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. | 7.2 |
| 2023-07-06 | CVE-2023-24583 | Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. | 8.8 |
| 2023-07-05 | CVE-2023-36457 | Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 8.8 |
| 2023-07-05 | CVE-2023-36458 | Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 8.8 |
| 2023-07-05 | CVE-2023-35972 | Command Injection vulnerability in Arubanetworks Arubaos An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 7.2 |
| 2023-07-05 | CVE-2023-35973 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-07-05 | CVE-2023-35974 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |