VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-07-24
CVE-2024-39345
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address.
network
low complexity
CWE-78
7.2
7.2
2024-07-09
CVE-2024-28748
A remote attacker with high privileges may use a reading file function to inject OS commands.
network
low complexity
CWE-78
7.2
7.2
2024-07-09
CVE-2024-28749
A remote attacker with high privileges may use a writing file function to inject OS commands.
network
low complexity
CWE-78
7.2
7.2
2024-07-09
CVE-2024-28751
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.
network
low complexity
CWE-78
critical
9.1
9.1
2024-07-08
CVE-2023-50381
OS Command Injection vulnerability in multiple products
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11.
network
low complexity
realtek
level1
CWE-78
7.2
7.2
2024-07-08
CVE-2023-50382
OS Command Injection vulnerability in multiple products
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11.
network
low complexity
realtek
level1
CWE-78
7.2
7.2
2024-07-08
CVE-2023-50383
OS Command Injection vulnerability in multiple products
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11.
network
low complexity
realtek
level1
CWE-78
7.2
7.2
2024-07-04
CVE-2024-39943
OS Command Injection vulnerability in Rejetto Http File Server
rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions).
network
low complexity
rejetto
CWE-78
8.8
8.8
2024-07-03
CVE-2024-32937
An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79.
network
high complexity
CWE-78
8.1
8.1
2024-07-03
CVE-2024-5672
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.
network
low complexity
CWE-78
7.2
7.2
«
1
(current)
2
3
4
5
...
300
301
»
Next