Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2019-08-23 CVE-2019-15530 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
8.8
8.8
2019-08-23 CVE-2019-15529 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
8.8
8.8
2019-08-23 CVE-2019-15528 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
8.8
8.8
2019-08-23 CVE-2019-15527 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
8.8
8.8
2019-08-23 CVE-2019-15526 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05.
network
low complexity
dlink CWE-78
8.8
8.8
2019-08-23 CVE-2019-15490 OS Command Injection vulnerability in It-Novum Openitcockpit
openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21.
network
low complexity
it-novum CWE-78
critical
 9.8
9.8
2019-08-22 CVE-2019-13139 OS Command Injection vulnerability in Docker
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution.
local
low complexity
docker CWE-78
8.4
8.4
2019-08-22 CVE-2019-15060 OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.1/0.9.1.4.16/0.9.13.16
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.
network
low complexity
tp-link CWE-78
8.8
8.8
2019-08-21 CVE-2019-1896 OS Command Injection vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges.
network
low complexity
cisco CWE-78
7.2
7.2
2019-08-21 CVE-2019-1885 OS Command Injection vulnerability in Cisco products
A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device.
network
low complexity
cisco CWE-78
7.2
7.2