Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-37144 | Command Injection vulnerability in Tendacn Ac10 Firmware 15.03.06.26 Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | 9.8 |
| 2023-07-07 | CVE-2023-37145 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | 9.8 |
| 2023-07-07 | CVE-2023-37146 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | 9.8 |
| 2023-07-07 | CVE-2023-37148 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function. | 9.8 |
| 2023-07-07 | CVE-2023-37149 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function. | 9.8 |
| 2023-07-05 | CVE-2023-35972 | Command Injection vulnerability in Arubanetworks Arubaos An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | 7.2 |
| 2023-07-05 | CVE-2023-35973 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-07-05 | CVE-2023-35974 | Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-07-01 | CVE-2023-28365 | Command Injection vulnerability in UI Unifi Network Application A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored. | 9.1 |
| 2023-06-30 | CVE-2023-22815 | Command Injection vulnerability in Westerndigital MY Cloud OS Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. | 6.7 |