Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-08-21 | CVE-2020-24054 | OS Command Injection vulnerability in Moog Exvf5C-2 Firmware and Exvp7C2-3 Firmware | The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. | network | low complexity | moog | CWE-78 | critical 9.8 |
| 2020-08-20 | CVE-2020-16282 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 | In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. | local | low complexity | rangee | CWE-78 | 8.8 |
| 2020-08-20 | CVE-2020-16279 | OS Command Injection vulnerability in Rangee Rangeeos 8.0.4 | The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization. | network | low complexity | rangee | CWE-78 | critical 9.8 |
| 2020-08-20 | CVE-2020-17456 | OS Command Injection vulnerability in Seowonintech products | SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page. | network | low complexity | seowonintech | CWE-78 | critical 9.8 |
| 2020-08-18 | CVE-2020-24032 | OS Command Injection vulnerability in Xorux Lpar2Rrd and Stor2Rrd | tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. | network | low complexity | xorux | CWE-78 | critical 9.8 |
| 2020-08-18 | CVE-2020-23934 | OS Command Injection vulnerability in Ritecms 2.2.1 | An issue was discovered in RiteCMS 2.2.1. | network | low complexity | ritecms | CWE-78 | 8.8 |
| 2020-08-17 | CVE-2020-24220 | OS Command Injection vulnerability in Shopxo 1.8.1 | ShopXO v1.8.1 has a command execution vulnerability. | network | low complexity | shopxo | CWE-78 | 8.8 |
| 2020-08-17 | CVE-2020-8233 | OS Command Injection vulnerability in multiple products | A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. | network | low complexity | ui opensuse | CWE-78 | 8.8 |
| 2020-08-17 | CVE-2020-13122 | OS Command Injection vulnerability in Noviflow Noviware Nw500.2.12 | The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. | network | low complexity | noviflow | CWE-78 | 8.8 |
| 2020-08-14 | CVE-2020-16205 | OS Command Injection vulnerability in Geutebrueck products | Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5). | network | low complexity | geutebrueck | CWE-78 | 7.2 |