Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-28832 | Command Injection vulnerability in Siemens 6Gk1411-1Ac00 Firmware and 6Gk1411-5Ac00 Firmware A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). | 7.2 |
| 2023-05-08 | CVE-2023-22788 | Command Injection vulnerability in multiple products Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. | 8.8 |
| 2023-05-08 | CVE-2023-22789 | Command Injection vulnerability in multiple products Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. | 8.8 |
| 2023-05-08 | CVE-2023-22790 | Command Injection vulnerability in multiple products Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. | 8.8 |
| 2023-05-08 | CVE-2023-2573 | Command Injection vulnerability in Advantech products Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request. | 8.8 |
| 2023-05-08 | CVE-2023-2574 | Command Injection vulnerability in Advantech products Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request. | 8.8 |
| 2023-05-05 | CVE-2023-30135 | Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)Cn Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function. | 9.8 |
| 2023-05-04 | CVE-2023-2520 | Command Injection vulnerability in Catontechnology Caton Prime 2.1.2.51.E8D7225049(202303031001) A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031001) and classified as critical. | 9.8 |
| 2023-05-02 | CVE-2023-32007 | Command Injection vulnerability in Apache Spark ** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. | 8.8 |
| 2023-04-28 | CVE-2023-2376 | Command Injection vulnerability in UI Er-X-Sfp Firmware and Er-X Firmware A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. | 8.8 |