Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-06 | CVE-2024-38486 | Command Injection vulnerability in Dell Smartfabric Os10 Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. | 8.8 |
| 2024-09-04 | CVE-2024-44383 | Command Injection vulnerability in Wayos Fbm-291W Firmware 19.09.11 WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm. | 6.8 |
| 2024-09-04 | CVE-2024-44400 | Command Injection vulnerability in Dlink Di-8400 Firmware 16.07.26A1 A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. | 9.8 |
| 2024-08-28 | CVE-2021-38120 | Command Injection vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. | 7.2 |
| 2024-08-27 | CVE-2024-8212 | Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. | 9.8 |
| 2024-08-26 | CVE-2023-26315 | Command Injection vulnerability in MI Ax9000 Firmware The Xiaomi router AX9000 has a post-authentication command injection vulnerability. | 8.8 |
| 2024-08-26 | CVE-2024-8073 | Command Injection vulnerability in Hillstonenet web Application Firewall 5.5R62.6.7/5.5R62.8.13 Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13. | 9.8 |
| 2024-08-22 | CVE-2024-7110 | Command Injection vulnerability in Gitlab An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim's pipeline through prompt injection. | 6.4 |
| 2024-08-19 | CVE-2024-7922 | Command Injection vulnerability in Dell products A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. | 9.8 |
| 2024-08-18 | CVE-2024-7907 | Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. | 9.8 |