Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2023-38928 | Command Injection vulnerability in Netgear R7100Lg Firmware 1.0.0.78 Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | 9.8 |
| 2023-08-04 | CVE-2023-38941 | Command Injection vulnerability in Ehco1996 Django-Sspanel 2022.2.2 django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post. | 9.8 |
| 2023-08-03 | CVE-2023-38942 | Command Injection vulnerability in Dango Dango-Translator 4.5.5 Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json. | 9.8 |
| 2023-08-03 | CVE-2023-37679 | Command Injection vulnerability in Nextgen Mirth Connect 4.3.0 A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server. | 9.8 |
| 2023-08-02 | CVE-2023-26317 | Command Injection vulnerability in MI Xiaomi Router Firmware Xiaomi routers have an external interface that can lead to command injection. | 9.8 |
| 2023-08-02 | CVE-2023-26430 | Command Injection vulnerability in Open-Xchange Appsuite Backend 7.10.6/8.10.0 Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. | 4.3 |
| 2023-08-01 | CVE-2023-3739 | Command Injection vulnerability in Google Chrome Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. | 6.3 |
| 2023-08-01 | CVE-2023-31429 | Command Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | 5.5 |
| 2023-08-01 | CVE-2023-3718 | Command Injection vulnerability in HPE Arubaos-Cx 10.10.0000/10.10.1020/10.10.1030 An authenticated command injection vulnerability exists in the AOS-CX command line interface. | 8.8 |
| 2023-08-01 | CVE-2022-39986 | Command Injection vulnerability in Raspap A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. | 9.8 |