Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-01 | CVE-2023-22769 | Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-03-01 | CVE-2023-22770 | Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. | 7.2 |
| 2023-02-27 | CVE-2022-48255 | Command Injection vulnerability in Huawei Bisheng-Wnm Firmware 3.0.0.325 There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. | 9.8 |
| 2023-02-27 | CVE-2022-48259 | Command Injection vulnerability in Huawei Bisheng-Wnm Firmware 3.0.0.325 There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. | 9.8 |
| 2023-02-27 | CVE-2023-23080 | Command Injection vulnerability in Tenda products Certain Tenda products are vulnerable to command injection. | 9.8 |
| 2023-02-26 | CVE-2023-26602 | Command Injection vulnerability in Asus Asmb8-Ikvm Firmware 1.14.51 ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. | 9.8 |
| 2023-02-23 | CVE-2023-23294 | Command Injection vulnerability in Korenix products Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. | 8.8 |
| 2023-02-23 | CVE-2023-23295 | Command Injection vulnerability in Korenix products Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. | 8.8 |
| 2023-02-22 | CVE-2022-45600 | Command Injection vulnerability in Aztech Wmb250Ac Firmware 0162020 Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login. | 8.8 |
| 2023-02-21 | CVE-2023-24184 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability. | 9.8 |