Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-24 | CVE-2019-13653 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). | 10.0 |
| 2019-10-24 | CVE-2019-13652 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). | 10.0 |
| 2019-10-24 | CVE-2019-13651 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). | 10.0 |
| 2019-10-24 | CVE-2019-13650 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). | 10.0 |
| 2019-10-24 | CVE-2019-13649 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). | 10.0 |
| 2019-10-21 | CVE-2019-16965 | OS Command Injection vulnerability in Fusionpbx resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data. | 7.2 |
| 2019-10-21 | CVE-2019-16964 | OS Command Injection vulnerability in Fusionpbx app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data. | 9.0 |
| 2019-10-18 | CVE-2019-17526 | OS Command Injection vulnerability in Sagemath Sagemathcell An issue was discovered in SageMath Sage Cell Server through 2019-10-05. | 9.8 |
| 2019-10-16 | CVE-2019-15277 | OS Command Injection vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute code with root privileges. | 7.2 |
| 2019-10-16 | CVE-2019-15275 | OS Command Injection vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.2 |