Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2019-07-22 CVE-2019-12324 OS Command Injection vulnerability in Akuvox Sp-R50P Firmware 50.0.6.156
A command injection (missing input validation) issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request.
network
low complexity
akuvox CWE-78
7.2
7.2
2019-07-19 CVE-2019-12725 OS Command Injection vulnerability in Zeroshell 3.9.0
Zeroshell 3.9.0 is prone to a remote command execution vulnerability.
network
low complexity
zeroshell CWE-78
critical
 9.8
9.8
2019-07-19 CVE-2019-1010245 OS Command Injection vulnerability in Linuxfoundation Open Network Operating System
The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation.
network
low complexity
linuxfoundation CWE-78
critical
 9.8
9.8
2019-07-17 CVE-2019-13640 OS Command Injection vulnerability in Qbittorrent
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed.
network
low complexity
qbittorrent CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12992 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).
network
low complexity
citrix CWE-78
8.8
8.8
2019-07-16 CVE-2019-12991 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
network
low complexity
citrix CWE-78
8.8
8.8
2019-07-16 CVE-2019-12988 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12987 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12986 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12985 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8