Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-11 | CVE-2019-3412 | OS Command Injection vulnerability in ZTE Mf920 Firmware All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. | 9.8 |
| 2019-06-11 | CVE-2019-3409 | OS Command Injection vulnerability in ZTE Wf820+ LTE Outdoor CPE Firmware All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. | 8.8 |
| 2019-06-10 | CVE-2019-12787 | OS Command Injection vulnerability in Dlink Dir-818Lw Firmware 2.05.B03/2.06B01 An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. | 8.8 |
| 2019-06-10 | CVE-2019-12780 | OS Command Injection vulnerability in Belkin Crock-Pot Smart Slow Cooker With Wemo Firmware The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. | 9.8 |
| 2019-06-07 | CVE-2018-10702 | OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14 An issue was discovered on Moxa AWK-3121 1.14 devices. | 8.8 |
| 2019-06-07 | CVE-2018-10699 | OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14 An issue was discovered on Moxa AWK-3121 1.14 devices. | 8.8 |
| 2019-06-07 | CVE-2018-10697 | OS Command Injection vulnerability in Moxa Awk-3121 Firmware 1.14 An issue was discovered on Moxa AWK-3121 1.14 devices. | 8.8 |
| 2019-06-07 | CVE-2018-5265 | OS Command Injection vulnerability in UI Edgeos 1.9.1 Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters. | 7.2 |
| 2019-06-07 | CVE-2019-12771 | OS Command Injection vulnerability in Thinstation Project Thinstation Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi-bin/CdControl.cgi action= substring, or after the cgi-bin/VolControl.cgi OK= substring. | 9.8 |
| 2019-06-05 | CVE-2019-9156 | OS Command Injection vulnerability in Gemalto Ezio DS3 Server 2.6.1 Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection. | 8.0 |