Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-14 | CVE-2024-39765 | Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. | 9.1 |
2025-01-14 | CVE-2024-39781 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. | 9.1 |
2025-01-14 | CVE-2024-39782 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. | 9.1 |
2025-01-14 | CVE-2024-39783 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. | 9.1 |
2024-12-20 | CVE-2022-32203 | Command Injection vulnerability in Huawei Cv81-Wdm Firmware 01.70.49.29.46 There is a command injection vulnerability in Huawei terminal printer product. | 9.8 |
2024-12-17 | CVE-2024-12356 | Command Injection vulnerability in Beyondtrust Remote Support A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. | 9.8 |
2024-12-13 | CVE-2024-55956 | Command Injection vulnerability in Cleo Lexicom and Vltrader In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. | 9.8 |
2024-12-11 | CVE-2024-53290 | Command Injection vulnerability in Dell Thinos 2408 Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. | 8.4 |
2024-12-10 | CVE-2024-11634 | Command Injection vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
2024-12-10 | CVE-2024-11772 | Command Injection vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0 Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |