Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-05-05 CVE-2023-30135 Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)Cn
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-05-04 CVE-2023-2520 Command Injection vulnerability in Catontechnology Caton Prime 2.1.2.51.E8D7225049(202303031001)
A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031001) and classified as critical.
network
low complexity
catontechnology CWE-77
critical
 9.8
9.8
2023-05-02 CVE-2023-32007 Command Injection vulnerability in Apache Spark
** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.
network
low complexity
apache CWE-77
8.8
8.8
2023-04-28 CVE-2023-2376 Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-28 CVE-2023-2377 Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-28 CVE-2023-2378 Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-28 CVE-2023-2374 Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware
A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-28 CVE-2023-2375 Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware
A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-28 CVE-2023-2373 Command Injection vulnerability in UI Edgemax Edgerouter Firmware 2.0.9
A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6.
network
low complexity
ui CWE-77
8.8
8.8
2023-04-24 CVE-2023-30623 Command Injection vulnerability in WIP Project WIP
`embano1/wip` is a GitHub Action written in Bash.
network
low complexity
wip-project CWE-77
8.8
8.8