Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-25 | CVE-2020-15642 | OS Command Injection vulnerability in Marvell Qconvergeconsole This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. | 8.8 |
| 2020-08-25 | CVE-2020-17384 | OS Command Injection vulnerability in Cellopoint Cellos 4.1.10 Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. | 7.2 |
| 2020-08-24 | CVE-2020-24572 | OS Command Injection vulnerability in Raspap 2.5 An issue was discovered in includes/webconsole.php in RaspAP 2.5. | 8.8 |
| 2020-08-21 | CVE-2020-24057 | OS Command Injection vulnerability in Verint S5120Fd Firmware Verintfw042 The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. | 8.8 |
| 2020-08-21 | CVE-2020-24054 | OS Command Injection vulnerability in Moog Exvf5C-2 Firmware and Exvp7C2-3 Firmware The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. | 9.8 |
| 2020-08-20 | CVE-2020-16282 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. | 8.8 |
| 2020-08-20 | CVE-2020-16279 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization. | 9.8 |
| 2020-08-20 | CVE-2020-17456 | OS Command Injection vulnerability in Seowonintech products SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page. | 9.8 |
| 2020-08-18 | CVE-2020-24032 | OS Command Injection vulnerability in Xorux Lpar2Rrd and Stor2Rrd tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. | 9.8 |
| 2020-08-18 | CVE-2020-23934 | OS Command Injection vulnerability in Ritecms 2.2.1 An issue was discovered in RiteCMS 2.2.1. | 8.8 |