Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-05 | CVE-2019-20499 | OS Command Injection vulnerability in Dlink Dwl-2600Ap Firmware 4.2.0.15 D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter. | 7.8 |
| 2020-03-04 | CVE-2020-9054 | OS Command Injection vulnerability in Zyxel products Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. | 9.8 |
| 2020-03-04 | CVE-2020-3176 | OS Command Injection vulnerability in Cisco products A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 6.7 |
| 2020-03-04 | CVE-2020-5535 | OS Command Injection vulnerability in Plathome Openblocks IOT VX2 Firmware OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. | 8.8 |
| 2020-03-02 | CVE-2019-20488 | OS Command Injection vulnerability in Netgear Wnr1000 Firmware 1.1.0.54 An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. | 9.8 |
| 2020-02-28 | CVE-2019-10804 | OS Command Injection vulnerability in Serial-Number Project Serial-Number serial-number through 1.3.0 allows execution of arbritary commands. | 9.8 |
| 2020-02-28 | CVE-2019-10803 | OS Command Injection vulnerability in Push-Dir Project Push-Dir push-dir through 0.4.1 allows execution of arbritary commands. | 9.8 |
| 2020-02-28 | CVE-2019-10802 | OS Command Injection vulnerability in Mangoraft Giting giting version prior to 0.0.8 allows execution of arbritary commands. | 9.8 |
| 2020-02-28 | CVE-2019-10801 | OS Command Injection vulnerability in Enpeem Project Enpeem enpeem through 2.2.0 allows execution of arbitrary commands. | 9.8 |
| 2020-02-28 | CVE-2019-15609 | OS Command Injection vulnerability in Kill-Port-Process Project Kill-Port-Process The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability. | 9.8 |