Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-18 | CVE-2023-39509 | Command Injection vulnerability in Bosch Cpp13 Firmware and Cpp14 Firmware A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. | 7.2 |
2023-12-16 | CVE-2023-6848 | Command Injection vulnerability in Kodcloud Kodbox A vulnerability was found in kalcaddle kodbox up to 1.48. | 9.8 |
2023-12-15 | CVE-2023-50089 | Command Injection vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. | 9.8 |
2023-12-15 | CVE-2023-50917 | Command Injection vulnerability in Mjdm Majordomo MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. | 9.8 |
2023-12-15 | CVE-2023-49898 | Command Injection vulnerability in Apache Streampark 2.0.0/2.1.0/2.1.1 In streampark, there is a project module that integrates Maven's compilation capability. | 7.2 |
2023-12-14 | CVE-2023-6572 | Command Injection vulnerability in Gradio Project Gradio Command Injection in GitHub repository gradio-app/gradio prior to main. | 8.1 |
2023-12-14 | CVE-2023-25643 | Command Injection vulnerability in ZTE Mc801A1 Firmware and Mc801A Firmware There is a command injection vulnerability in some ZTE mobile internet products. | 8.8 |
2023-12-13 | CVE-2023-48702 | Command Injection vulnerability in Jellyfin Jellyfin is a system for managing and streaming media. | 7.2 |
2023-12-13 | CVE-2023-48791 | Command Injection vulnerability in Fortinet Fortiportal An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, version 7.0.6 and below may allow a remote authenticated attacker with at least R/W permission to execute unauthorized commands via specifically crafted arguments in the Schedule System Backup page field. | 8.8 |
2023-12-13 | CVE-2023-47576 | Command Injection vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. | 8.8 |