Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2019-07-02 CVE-2019-6621 OS Command Injection vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 and BIG-IQ 7.0.0-7.1.0.2, 6.0.0-6.1.0, and 5.1.0-5.4.0, an undisclosed iControl REST worker is vulnerable to command injection by an admin/resource admin user.
network
low complexity
f5 CWE-78
7.2
7.2
2019-07-02 CVE-2019-6620 OS Command Injection vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4 and BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, an undisclosed iControl REST worker vulnerable to command injection for an Administrator user.
network
low complexity
f5 CWE-78
7.2
7.2
2019-07-02 CVE-2019-7256 OS Command Injection vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Command Injections.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-7269 OS Command Injection vulnerability in Nortekcontrol products
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-13155 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
8.8
8.8
2019-07-02 CVE-2019-13154 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
8.8
8.8
2019-07-02 CVE-2019-13153 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
8.8
8.8
2019-07-02 CVE-2019-13151 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
8.8
8.8
2019-07-02 CVE-2019-13149 OS Command Injection vulnerability in Trendnet Tew-827Dru Firmware 1.04B01/2.04/2.04B03
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11.
network
low complexity
trendnet CWE-78
8.8
8.8
2019-07-01 CVE-2019-7670 OS Command Injection vulnerability in Primasystems Flexair 2.3.38
Prima Systems FlexAir, Versions 2.3.38 and prior.
network
low complexity
primasystems CWE-78
7.2
7.2