Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-6917 | OS Command Injection vulnerability in Veribase Order Management Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2. | 9.8 |
| 2024-08-12 | CVE-2024-21878 | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. | 9.8 |
| 2024-08-12 | CVE-2024-21879 | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225. | 8.8 |
| 2024-08-12 | CVE-2024-21880 | OS Command Injection vulnerability in Enphase IQ Gateway Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x <= 7.x | 7.2 |
| 2024-08-12 | CVE-2024-42166 | OS Command Injection vulnerability in Fiware Keyrock The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | 7.2 |
| 2024-08-12 | CVE-2024-42167 | OS Command Injection vulnerability in Fiware Keyrock The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | 7.2 |
| 2024-08-07 | CVE-2024-7580 | OS Command Injection vulnerability in Alientechnology Alr-F800 Firmware A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. | 9.8 |
| 2024-08-07 | CVE-2024-7579 | OS Command Injection vulnerability in Alientechnology Alr-F800 Firmware A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. | 8.8 |
| 2024-08-06 | CVE-2024-23483 | OS Command Injection vulnerability in Zscaler Client Connector An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2. | 9.8 |
| 2024-08-06 | CVE-2024-39228 | OS Command Injection vulnerability in Gl-Inet products GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config. | 9.8 |