Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-33896 | OS Command Injection vulnerability in Hms-Networks Ewon Cosy+ Firmware Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. | 7.2 |
| 2024-07-29 | CVE-2024-5670 | OS Command Injection vulnerability in Softnext SN OS 10.3/12.1/12.3 The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server. | 9.8 |
| 2024-07-29 | CVE-2024-7175 | OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. | 8.8 |
| 2024-07-28 | CVE-2024-7171 | OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. | 8.8 |
| 2024-07-26 | CVE-2024-41815 | OS Command Injection vulnerability in Starship Starship is a cross-shell prompt. | 7.0 |
| 2024-07-26 | CVE-2024-7120 | OS Command Injection vulnerability in Raisecom products A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. | 9.8 |
| 2024-07-25 | CVE-2024-24622 | OS Command Injection vulnerability in Softaculous Webuzo Softaculous Webuzo contains a command injection in the password reset functionality. | 8.8 |
| 2024-07-25 | CVE-2024-24623 | OS Command Injection vulnerability in Softaculous Webuzo Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. | 8.8 |
| 2024-07-25 | CVE-2024-41468 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | 9.8 |
| 2024-07-25 | CVE-2024-41473 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | 9.8 |