Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| Date | CVE | Vulnerability title | Description | Risk |
|---|---|---|---|---|
| 2020-05-21 | CVE-2020-13252 | OS Command Injection vulnerability in Centreon | Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page. | network, low complexity, centreon, CWE-78, 8.8 |
| 2020-05-19 | CVE-2020-13167 | OS Command Injection vulnerability in Netsweeper | Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters. | network, low complexity, netsweeper, CWE-78, critical, 9.8 |
| 2020-05-19 | CVE-2020-11766 | OS Command Injection vulnerability in multiple products | sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection. | network, low complexity, ifax avantfax, CWE-78, 8.8 |
| 2020-05-13 | CVE-2020-2014 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os | An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. | network, low complexity, paloaltonetworks, CWE-78, 8.8 |
| 2020-05-13 | CVE-2020-2010 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os | An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. | network, low complexity, paloaltonetworks, CWE-78, 7.2 |
| 2020-05-13 | CVE-2020-2008 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os | An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. | network, low complexity, paloaltonetworks, CWE-78, 7.2 |
| 2020-05-13 | CVE-2020-2007 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os | An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. | network, low complexity, paloaltonetworks, CWE-78, 7.2 |
| 2020-05-07 | CVE-2020-10795 | OS Command Injection vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7 | Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. | network, low complexity, gira, CWE-78, 7.2 |
| 2020-05-07 | CVE-2020-4428 | OS Command Injection vulnerability in IBM Data Risk Manager | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. | network, low complexity, ibm, CWE-78, critical, 9.1 |
| 2020-05-07 | CVE-2020-7805 | OS Command Injection vulnerability in Infomark Iml500 Firmware and Iml520 Firmware | An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device. | network, low complexity, infomark, CWE-78, critical, 9.8 |