Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-06 | CVE-2023-22306 | Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. | 7.2 |
| 2023-07-06 | CVE-2023-24583 | Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. | 8.8 |
| 2023-07-05 | CVE-2023-36457 | Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 8.8 |
| 2023-07-05 | CVE-2023-36458 | Command Injection vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 8.8 |
| 2023-07-05 | CVE-2023-35972 | Command Injection vulnerability in Arubanetworks Arubaos An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 7.2 |
| 2023-07-05 | CVE-2023-35973 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-07-05 | CVE-2023-35974 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-07-01 | CVE-2023-28365 | Command Injection vulnerability in UI Unifi 2.3.5/2.3.6 A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored. | 9.1 |
| 2023-06-30 | CVE-2023-22815 | Command Injection vulnerability in Westerndigital MY Cloud OS Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. | 6.7 |
| 2023-06-30 | CVE-2023-22816 | Command Injection vulnerability in Westerndigital MY Cloud OS A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads. This issue affects My Cloud OS 5 devices: before 5.26.300. | 8.8 |