Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-25 | CVE-2019-3999 | OS Command Injection vulnerability in Druva Insync Client 6.5.0 Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. | 7.8 |
| 2020-02-25 | CVE-2019-5142 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. | 7.2 |
| 2020-02-25 | CVE-2019-5141 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5140 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. | 8.8 |
| 2020-02-25 | CVE-2019-5138 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. | 9.9 |
| 2020-02-24 | CVE-2020-9374 | OS Command Injection vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | 9.8 |
| 2020-02-24 | CVE-2019-12511 | OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. | 9.8 |
| 2020-02-24 | CVE-2019-10799 | OS Command Injection vulnerability in Compile-Sass Project Compile-Sass compile-sass prior to 1.0.5 allows execution of arbritary commands. | 8.2 |
| 2020-02-24 | CVE-2019-10796 | OS Command Injection vulnerability in RPI Project RPI 0.0.1/0.0.2/0.0.3 rpi through 0.0.3 allows execution of arbritary commands. | 9.8 |
| 2020-02-24 | CVE-2020-4222 | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |