Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-05 CVE-2022-28575 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28577 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28578 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28579 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28580 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28581 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28582 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28583 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28584 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-29592 OS Command Injection vulnerability in Tenda TX9 PRO Firmware 22.03.02.10
Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).
network
low complexity
tenda CWE-78
critical
9.8