Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-10 | CVE-2020-8186 | OS Command Injection vulnerability in Devcert Project Devcert 1.1.0 A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function. | 9.8 |
| 2020-07-09 | CVE-2020-9377 | OS Command Injection vulnerability in Dlink Dir-610 Firmware D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. | 8.8 |
| 2020-07-08 | CVE-2020-2034 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. | 8.1 |
| 2020-07-08 | CVE-2020-2030 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. | 7.2 |
| 2020-07-06 | CVE-2020-5352 | OS Command Injection vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5 Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. | 8.8 |
| 2020-07-02 | CVE-2020-8188 | OS Command Injection vulnerability in UI Unifi Protect Firmware We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges. | 8.8 |
| 2020-07-01 | CVE-2020-15489 | OS Command Injection vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116 An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. | 9.8 |
| 2020-07-01 | CVE-2019-15311 | OS Command Injection vulnerability in Linkplay An issue was discovered on Zolo Halo devices via the Linkplay firmware. | 9.8 |
| 2020-07-01 | CVE-2020-7688 | OS Command Injection vulnerability in Mversion Project Mversion The issue occurs because tagName user input is formatted inside the exec function is executed without any checks. | 7.8 |
| 2020-07-01 | CVE-2020-13619 | OS Command Injection vulnerability in Locutus PHP php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution. | 9.8 |