Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-23 | CVE-2020-8797 | OS Command Injection vulnerability in Juplink Rx4-1500 Firmware 1.0.3 Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network. | 6.7 |
| 2020-04-22 | CVE-2020-7350 | OS Command Injection vulnerability in Rapid7 Metasploit Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. | 7.8 |
| 2020-04-22 | CVE-2018-21130 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-22 | CVE-2018-21127 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-22 | CVE-2018-21126 | OS Command Injection vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 8.8 |
| 2020-04-21 | CVE-2020-11963 | OS Command Injection vulnerability in Evenroute Iqrouter Firmware 3.3.1 IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. | 9.8 |
| 2020-04-15 | CVE-2020-5350 | OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. | 7.2 |
| 2020-04-15 | CVE-2020-10511 | OS Command Injection vulnerability in Hgiga Oaklouds Ccm@Il HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. | 9.8 |
| 2020-04-13 | CVE-2020-9478 | OS Command Injection vulnerability in Rubrik CDM 5.0.0/5.0.4/5.1.0 An issue was discovered in Rubrik 5.0.3-2296. | 8.8 |
| 2020-04-10 | CVE-2020-6765 | OS Command Injection vulnerability in Dlink Dsl-Gs225 Firmware Au1.0.4 D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. | 7.2 |