Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-31 | CVE-2020-24354 | OS Command Injection vulnerability in Zyxel Vmg5313-B30B Firmware 5.11(Abcu.1)C0/5.13(Abcj.6)B31127 Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection. | 8.8 |
| 2020-08-30 | CVE-2020-7712 | OS Command Injection vulnerability in multiple products This affects the package json before 10.0.0. | 7.2 |
| 2020-08-27 | CVE-2020-3454 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). | 7.2 |
| 2020-08-25 | CVE-2020-15642 | OS Command Injection vulnerability in Marvell Qconvergeconsole This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. | 8.8 |
| 2020-08-25 | CVE-2020-17384 | OS Command Injection vulnerability in Cellopoint Cellos 4.1.10 Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. | 7.2 |
| 2020-08-24 | CVE-2020-24572 | OS Command Injection vulnerability in Raspap 2.5 An issue was discovered in includes/webconsole.php in RaspAP 2.5. | 8.8 |
| 2020-08-21 | CVE-2020-24057 | OS Command Injection vulnerability in Verint S5120Fd Firmware Verintfw042 The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. | 8.8 |
| 2020-08-21 | CVE-2020-24054 | OS Command Injection vulnerability in Moog Exvf5C-2 Firmware and Exvp7C2-3 Firmware The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. | 9.8 |
| 2020-08-20 | CVE-2020-16282 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. | 8.8 |
| 2020-08-20 | CVE-2020-16279 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization. | 9.8 |