Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-29 | CVE-2023-34849 | Command Injection vulnerability in Ikuai8 Ikuaios An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1. | 9.8 |
| 2023-06-28 | CVE-2023-26134 | Command Injection vulnerability in Git-Commit-Info Project Git-Commit-Info Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. | 9.8 |
| 2023-06-23 | CVE-2023-30260 | Command Injection vulnerability in Raspap Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form. | 8.8 |
| 2023-06-20 | CVE-2023-26429 | Command Injection vulnerability in Open-Xchange Appsuite Backend Control characters were not removed when exporting user feedback content. | 5.3 |
| 2023-06-15 | CVE-2023-24032 | Command Injection vulnerability in Zimbra Collaboration 8.8.15/9.0.0 In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE). | 7.8 |
| 2023-06-14 | CVE-2023-31746 | Command Injection vulnerability in Vw2100 Project Vw2100 Firmware M1Dv1.0 There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. | 9.8 |
| 2023-06-13 | CVE-2023-27836 | Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011 TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C. | 9.8 |
| 2023-06-13 | CVE-2023-27837 | Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011 TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40A774. | 9.8 |
| 2023-06-13 | CVE-2023-33919 | Command Injection vulnerability in Siemens Cpci85 Firmware A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). | 7.2 |
| 2023-06-12 | CVE-2023-26294 | Command Injection vulnerability in HP Device Manager Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges. | 7.8 |