Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2020-08-17 | CVE-2020-24220 | OS Command Injection vulnerability in Shopxo 1.8.1 | ShopXO v1.8.1 has a command execution vulnerability. | network; low complexity; shopxo; CWE-78; 8.8 |
| 2020-08-17 | CVE-2020-8233 | OS Command Injection vulnerability in multiple products | A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. | network; low complexity; ui opensuse; CWE-78; 8.8 |
| 2020-08-17 | CVE-2020-13122 | OS Command Injection vulnerability in Noviflow Noviware Nw500.2.12 | The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. | network; low complexity; noviflow; CWE-78; 8.8 |
| 2020-08-14 | CVE-2020-16205 | OS Command Injection vulnerability in Geutebrueck products | Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). | network; low complexity; geutebrueck; CWE-78; 7.2 |
| 2020-08-13 | CVE-2020-11733 | OS Command Injection vulnerability in Spirent Avalanche and Testcenter | An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. | local; low complexity; spirent; CWE-78; 6.7 |
| 2020-08-12 | CVE-2020-12107 | OS Command Injection vulnerability in Stengg Vpncrypt M10 Firmware 2.6.5 | The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allows full control over this module's Operating System. | network; low complexity; stengg; CWE-78; critical; 9.8 |
| 2020-08-12 | CVE-2020-17505 | OS Command Injection vulnerability in Articatech web Proxy 4.30.000000 | Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. | network; low complexity; articatech; CWE-78; 8.8 |
| 2020-08-11 | CVE-2020-17368 | OS Command Injection vulnerability in multiple products | Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. | network; low complexity; firejail-project debian fedoraproject opensuse; CWE-78; critical; 9.8 |
| 2020-08-11 | CVE-2020-13124 | OS Command Injection vulnerability in Sabnzbd 2.3.9/3.0.0 | SABnzbd 2.3.9 and 3.0.0Alpha2 have a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system. | network; low complexity; sabnzbd; CWE-78; 8.8 |
| 2020-08-11 | CVE-2020-14324 | OS Command Injection vulnerability in Redhat Cloudforms Management Engine | A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. | network; low complexity; redhat; CWE-78; critical; 9.1 |