Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-25 | CVE-2019-5138 | OS Command Injection vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. | 9.9 |
| 2020-02-24 | CVE-2020-9374 | OS Command Injection vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | 9.8 |
| 2020-02-24 | CVE-2019-12511 | OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. | 9.8 |
| 2020-02-24 | CVE-2019-10799 | OS Command Injection vulnerability in Compile-Sass Project Compile-Sass compile-sass prior to 1.0.5 allows execution of arbritary commands. | 8.2 |
| 2020-02-24 | CVE-2019-10796 | OS Command Injection vulnerability in RPI Project RPI 0.0.1/0.0.2/0.0.3 rpi through 0.0.3 allows execution of arbritary commands. | 9.8 |
| 2020-02-24 | CVE-2020-4222 | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
| 2020-02-24 | CVE-2020-4213 | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
| 2020-02-24 | CVE-2020-4211 | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
| 2020-02-24 | CVE-2020-4210 | OS Command Injection vulnerability in IBM Spectrum Protect 10.1.0/10.1.5 IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. | 9.8 |
| 2020-02-24 | CVE-2020-8130 | OS Command Injection vulnerability in multiple products There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. | 6.4 |