Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2019-5168 | OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). | 7.8 |
| 2020-03-11 | CVE-2019-5167 | OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). | 7.8 |
| 2020-03-11 | CVE-2019-5157 | OS Command Injection vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14) An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). | 7.2 |
| 2020-03-11 | CVE-2019-5156 | OS Command Injection vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14) An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). | 7.2 |
| 2020-03-11 | CVE-2019-5155 | OS Command Injection vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14) An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. | 7.2 |
| 2020-03-11 | CVE-2019-10807 | OS Command Injection vulnerability in Blamer Project Blamer Blamer versions prior to 1.0.1 allows execution of arbitrary commands. | 9.8 |
| 2020-03-11 | CVE-2020-1980 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. | 7.8 |
| 2020-03-10 | CVE-2019-9859 | OS Command Injection vulnerability in Vestacp Vesta Control Panel Vesta Control Panel (VestaCP) 0.9.7 through 0.9.8-23 is vulnerable to an authenticated command execution that can result in remote root access on the server. | 8.8 |
| 2020-03-09 | CVE-2020-10250 | OS Command Injection vulnerability in Meinbwa Direx-Pro Firmware 1.2181 BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3. | 9.8 |
| 2020-03-09 | CVE-2020-2159 | OS Command Injection vulnerability in Jenkins Cryptomove Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. | 8.8 |