Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-8640 | Command Injection vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. | 8.8 |
| 2024-09-11 | CVE-2024-44466 | Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. | 9.8 |
| 2024-09-10 | CVE-2023-36103 | Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.20 Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request. | 9.8 |
| 2024-09-10 | CVE-2024-33508 | Command Injection vulnerability in Fortinet Forticlient Enterprise Management Server An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests. | 7.3 |
| 2024-09-09 | CVE-2024-44410 | Command Injection vulnerability in Dlink Di-8300 Firmware 16.07.26A1 D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. | 9.8 |
| 2024-09-06 | CVE-2023-47563 | Command Injection vulnerability in Qnap Video Station An OS command injection vulnerability has been reported to affect Video Station. | 8.8 |
| 2024-09-06 | CVE-2024-21903 | Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 4.7 |
| 2024-09-06 | CVE-2024-38641 | Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.8 |
| 2024-09-06 | CVE-2024-44401 | Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1 D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file | 9.8 |
| 2024-09-06 | CVE-2024-44402 | Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1 D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. | 9.8 |