Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-25 | CVE-2020-7980 | OS Command Injection vulnerability in Intelliantech Aptus web 1.24 Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. | 9.8 |
| 2020-01-25 | CVE-2020-7596 | OS Command Injection vulnerability in Codecov Nodejs Uploader Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument. | 8.8 |
| 2020-01-24 | CVE-2013-1598 | OS Command Injection vulnerability in Vivotek Pt7135 Firmware 0300A/0400A A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | 8.8 |
| 2020-01-23 | CVE-2019-19897 | OS Command Injection vulnerability in Ixpdata Easyinstall 6.2.13723 In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. | 9.8 |
| 2020-01-23 | CVE-2019-19839 | OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute. | 9.8 |
| 2020-01-23 | CVE-2019-19838 | OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute. | 9.8 |
| 2020-01-23 | CVE-2012-4981 | OS Command Injection vulnerability in Toshiba Configfree 8.0.38 Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability | 8.8 |
| 2020-01-22 | CVE-2019-19842 | OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute. | 9.8 |
| 2020-01-22 | CVE-2019-19841 | OS Command Injection vulnerability in Ruckuswireless Unleashed and Zonedirector 1200 Firmware emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute. | 9.8 |
| 2020-01-22 | CVE-2019-10780 | OS Command Injection vulnerability in Bibtex-Ruby Project Bibtex-Ruby BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open. | 9.8 |