Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2020-1980 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. | 7.8 |
| 2020-03-10 | CVE-2019-9859 | OS Command Injection vulnerability in Vestacp Vesta Control Panel Vesta Control Panel (VestaCP) 0.9.7 through 0.9.8-23 is vulnerable to an authenticated command execution that can result in remote root access on the server. | 8.8 |
| 2020-03-09 | CVE-2020-10250 | OS Command Injection vulnerability in Meinbwa Direx-Pro Firmware 1.2181 BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3. | 9.8 |
| 2020-03-09 | CVE-2020-2159 | OS Command Injection vulnerability in Jenkins Cryptomove Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. | 8.8 |
| 2020-03-09 | CVE-2019-20504 | OS Command Injection vulnerability in Quest Kace Systems Management service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 (6.4.120822) allows a remote attacker to execute code via shell metacharacters in the kuid parameter. | 9.8 |
| 2020-03-09 | CVE-2016-11021 | OS Command Injection vulnerability in Dlink Dcs-930L Firmware setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter. | 7.2 |
| 2020-03-08 | CVE-2020-10221 | OS Command Injection vulnerability in Rconfig lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. | 8.8 |
| 2020-03-07 | CVE-2020-10216 | OS Command Injection vulnerability in multiple products An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 8.8 |
| 2020-03-07 | CVE-2020-10215 | OS Command Injection vulnerability in multiple products An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 8.8 |
| 2020-03-07 | CVE-2020-10213 | OS Command Injection vulnerability in multiple products An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 8.8 |