Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-06-22 CVE-2020-13159 OS Command Injection vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418
Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field.
network
low complexity
articatech CWE-78
critical
10.0
2020-06-22 CVE-2019-14894 OS Command Injection vulnerability in Redhat Cloudforms Management Engine 5.10/5.11
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup.
network
low complexity
redhat CWE-78
7.2
2020-06-22 CVE-2020-4066 OS Command Injection vulnerability in Limdu Project Limdu
In Limdu before 0.95, the trainBatch function has a command injection vulnerability.
network
low complexity
limdu-project CWE-78
critical
9.0
2020-06-18 CVE-2020-14442 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-14441 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-14440 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-14439 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-14438 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-14437 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
low complexity
netgear CWE-78
5.8
2020-06-18 CVE-2020-3336 OS Command Injection vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint
A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain privileged access to the root filesystem.
network
low complexity
cisco CWE-78
critical
9.0