Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2020-22662 | Command Injection vulnerability in Ruckuswireless products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to change and set unauthorized "illegal region code" by remote code Execution command injection which leads to run illegal frequency with maxi output power. | 7.5 |
| 2023-01-14 | CVE-2022-41955 | Command Injection vulnerability in Autolabproject Autolab Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. | 8.8 |
| 2023-01-14 | CVE-2023-22496 | Command Injection vulnerability in Netdata Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. | 9.8 |
| 2023-01-11 | CVE-2020-36650 | Command Injection vulnerability in GRY Project GRY A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. | 8.0 |
| 2023-01-06 | CVE-2022-39073 | Command Injection vulnerability in ZTE Mf286R Firmware Nordicmf286Rb06 There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. | 9.8 |
| 2023-01-06 | CVE-2023-22671 | Command Injection vulnerability in NSA Ghidra Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input. | 9.8 |
| 2023-01-03 | CVE-2022-32664 | Command Injection vulnerability in Mediatek Linkit Software Development KIT 4.6.1 In Config Manager, there is a possible command injection due to improper input validation. | 8.8 |
| 2023-01-03 | CVE-2022-32665 | Command Injection vulnerability in Mediatek Linkit Software Development KIT 4.6.1 In Boa, there is a possible command injection due to improper input validation. | 9.8 |
| 2022-12-30 | CVE-2022-44621 | Command Injection vulnerability in Apache Kylin Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request. | 9.8 |
| 2022-12-23 | CVE-2022-46641 | Command Injection vulnerability in Dlink Dir-846 Firmware 100A43 D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. | 9.9 |