Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-20 | CVE-2023-25805 | Command Injection vulnerability in Versionn Project Versionn versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. | 9.8 |
| 2023-02-17 | CVE-2022-40021 | Command Injection vulnerability in Qvidium Amino A140 Firmware QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a command injection vulnerability. | 9.8 |
| 2023-02-16 | CVE-2023-24236 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules. | 9.8 |
| 2023-02-16 | CVE-2023-24238 | Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules. | 9.8 |
| 2023-02-15 | CVE-2023-0849 | Command Injection vulnerability in Netgear Wndr3700 Firmware 1.0.1.14 A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. | 9.8 |
| 2023-02-14 | CVE-2023-22935 | Command Injection vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. | 8.8 |
| 2023-02-14 | CVE-2023-24159 | Command Injection vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function. | 9.8 |
| 2023-02-14 | CVE-2023-24160 | Command Injection vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function. | 9.8 |
| 2023-02-14 | CVE-2023-24161 | Command Injection vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function. | 9.8 |
| 2023-02-13 | CVE-2022-40022 | Command Injection vulnerability in Microchip Syncserver S650 Firmware Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability. | 9.8 |