Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2023-32781 | Command Injection vulnerability in Paessler Prtg Network Monitor A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. | 7.2 |
| 2023-08-09 | CVE-2023-32782 | Command Injection vulnerability in Paessler Prtg Network Monitor A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. | 7.2 |
| 2023-08-09 | CVE-2023-26310 | Command Injection vulnerability in Oppo Coloros 12.3 There is a command injection problem in the old version of the mobile phone backup app. | 9.8 |
| 2023-08-07 | CVE-2023-39523 | Command Injection vulnerability in Nexb Scancode.Io ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. | 8.8 |
| 2023-08-07 | CVE-2023-38921 | Command Injection vulnerability in Netgear Wag302V2 Firmware and Wg302V2 Firmware Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters. | 8.8 |
| 2023-08-07 | CVE-2023-38928 | Command Injection vulnerability in Netgear R7100Lg Firmware 1.0.0.78 Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | 9.8 |
| 2023-08-04 | CVE-2023-38690 | Command Injection vulnerability in Matrix IRC Bridge matrix-appservice-irc is a Node.js IRC bridge for Matrix. | 9.8 |
| 2023-08-04 | CVE-2023-38941 | Command Injection vulnerability in Ehco1996 Django-Sspanel 2022.2.2 django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post. | 9.8 |
| 2023-08-03 | CVE-2023-38942 | Command Injection vulnerability in Dango Dango-Translator 4.5.5 Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json. | 9.8 |
| 2023-08-03 | CVE-2023-4120 | Command Injection vulnerability in Byzoro Smart S85F A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. | 9.8 |