Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-7699 | OS Command Injection vulnerability in Phoenixcontact products An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data. | 8.8 |
| 2024-09-08 | CVE-2024-8574 | OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.861B20230220 A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 and classified as critical. | 8.8 |
| 2024-09-06 | CVE-2024-44844 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function. | 8.8 |
| 2024-09-06 | CVE-2024-44845 | OS Command Injection vulnerability in Draytek Vigor3900 Firmware 1.5.1.6 DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function. | 8.8 |
| 2024-09-06 | CVE-2023-34974 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
| 2024-09-06 | CVE-2023-34979 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-09-06 | CVE-2023-39300 | OS Command Injection vulnerability in Qnap QTS An OS command injection vulnerability has been reported to affect legacy QTS. | 7.2 |
| 2024-09-06 | CVE-2024-21898 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
| 2024-09-06 | CVE-2024-21906 | OS Command Injection vulnerability in Qnap QTS and Quts Hero An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 4.7 |
| 2024-09-04 | CVE-2024-20469 | OS Command Injection vulnerability in Cisco Identity Services Engine 3.2/3.3 A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |