Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-14 | CVE-2023-29802 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2021B20220326/9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function. | 9.8 |
| 2023-04-14 | CVE-2023-29803 | Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function. | 9.8 |
| 2023-04-14 | CVE-2023-30638 | Command Injection vulnerability in Atos products Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands. | 7.2 |
| 2023-04-13 | CVE-2023-29084 | Command Injection vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings. | 7.2 |
| 2023-04-11 | CVE-2023-28489 | Command Injection vulnerability in Siemens Cp-8031 Firmware and Cp-8050 Firmware A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). | 9.8 |
| 2023-04-07 | CVE-2023-26978 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. | 9.8 |
| 2023-04-07 | CVE-2023-26848 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. | 9.8 |
| 2023-04-06 | CVE-2023-29473 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710. | 9.8 |
| 2023-04-06 | CVE-2023-29474 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552. | 9.8 |
| 2023-04-06 | CVE-2023-29475 | Command Injection vulnerability in Atos Unify Openscape 4000 and Unify Openscape 4000 Manager inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543. | 9.8 |