Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-42427 Command Injection vulnerability in Dell Wyse Thinos 9.5.1079/9.5.2109
Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability.
low complexity
dell CWE-77
7.6
2024-09-09 CVE-2024-44410 Command Injection vulnerability in Dlink Di-8300 Firmware 16.07.26A1
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
network
low complexity
dlink CWE-77
critical
9.8
2024-09-06 CVE-2023-47563 Command Injection vulnerability in Qnap Video Station
An OS command injection vulnerability has been reported to affect Video Station.
network
low complexity
qnap CWE-77
8.8
2024-09-06 CVE-2024-21903 Command Injection vulnerability in Qnap QTS and Quts Hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-77
4.7
2024-09-06 CVE-2024-38641 Command Injection vulnerability in Qnap QTS and Quts Hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
local
low complexity
qnap CWE-77
7.8
2024-09-06 CVE-2024-44401 Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file
network
low complexity
dlink CWE-77
critical
9.8
2024-09-06 CVE-2024-44402 Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
network
low complexity
dlink CWE-77
critical
9.8
2024-09-06 CVE-2024-38486 Command Injection vulnerability in Dell Smartfabric Os10
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability.
network
low complexity
dell CWE-77
8.8
2024-09-04 CVE-2024-44383 Command Injection vulnerability in Wayos Fbm-291W Firmware 19.09.11
WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.
low complexity
wayos CWE-77
6.8
2024-09-04 CVE-2024-44400 Command Injection vulnerability in Dlink Di-8400 Firmware 16.07.26A1
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical.
network
low complexity
dlink CWE-77
critical
9.8