Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-05 CVE-2022-28579 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28580 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28581 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28582 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28583 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28584 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-29592 OS Command Injection vulnerability in Tenda TX9 PRO Firmware 22.03.02.10
Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).
network
low complexity
tenda CWE-78
critical
9.8
2022-05-05 CVE-2021-41739 OS Command Injection vulnerability in Artica-Proxy Artica Proxy 4.30.000000
A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000.
network
low complexity
artica-proxy CWE-78
critical
9.8
2022-05-04 CVE-2022-20799 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.
network
low complexity
cisco CWE-78
7.2
2022-05-04 CVE-2022-20801 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.
network
low complexity
cisco CWE-78
7.2