Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-27 | CVE-2011-2523 | OS Command Injection vulnerability in multiple products vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. | 9.8 |
| 2019-11-27 | CVE-2019-18184 | OS Command Injection vulnerability in Crestron Dmc-Stro Firmware 1.0 Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. | 9.8 |
| 2019-11-27 | CVE-2017-12945 | OS Command Injection vulnerability in Mersive Solstice Firmware Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root. | 8.8 |
| 2019-11-27 | CVE-2019-15298 | OS Command Injection vulnerability in Centreon web A problem was found in Centreon Web through 19.04.3. | 8.8 |
| 2019-11-26 | CVE-2019-16242 | OS Command Injection vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. | 6.8 |
| 2019-11-26 | CVE-2019-12489 | OS Command Injection vulnerability in Fastweb Askey Rtv1907Vw Firmware 0.00.81 An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. | 9.8 |
| 2019-11-26 | CVE-2019-15997 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. | 6.7 |
| 2019-11-26 | CVE-2019-15996 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector 2.0/2.0.519 A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. | 6.7 |
| 2019-11-22 | CVE-2019-18910 | OS Command Injection vulnerability in HP Thinpro The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges. | 6.8 |
| 2019-11-22 | CVE-2019-18909 | OS Command Injection vulnerability in HP Thinpro The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges. | 8.0 |