Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-01 | CVE-2023-26822 | Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Revav101B03 D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main. | 9.8 |
| 2023-03-29 | CVE-2023-1685 | Command Injection vulnerability in Hadsky A vulnerability was found in HadSky up to 7.11.8. | 7.2 |
| 2023-03-29 | CVE-2023-23355 | Command Injection vulnerability in Qnap products An OS command injection vulnerability has been reported to affect QNAP operating systems. | 7.2 |
| 2023-03-28 | CVE-2023-27232 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. | 9.8 |
| 2023-03-28 | CVE-2023-27229 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | 9.8 |
| 2023-03-28 | CVE-2023-27231 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | 9.8 |
| 2023-03-28 | CVE-2023-28712 | Command Injection vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions. | 9.8 |
| 2023-03-27 | CVE-2023-26493 | Command Injection vulnerability in Cocos Cocos-Engine Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. | 8.8 |
| 2023-03-27 | CVE-2023-1141 | Command Injection vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a command injection vulnerability that could allow an attacker to inject arbitrary commands, which could result in remote code execution. | 8.8 |
| 2023-03-26 | CVE-2023-26800 | Command Injection vulnerability in Ruijienetworks products Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function. | 9.8 |