Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2023-47209 | OS Command Injection vulnerability in Tp-Link Er7206 Firmware 1.3.0 A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. | 7.2 |
| 2024-02-06 | CVE-2023-47617 | OS Command Injection vulnerability in Tp-Link Er7206 Firmware 1.3.0 A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. | 7.2 |
| 2024-02-06 | CVE-2023-47618 | OS Command Injection vulnerability in Tp-Link Er7206 Firmware 1.3.0 A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. | 7.2 |
| 2024-02-06 | CVE-2023-46359 | OS Command Injection vulnerability in Hardy-Barth Cph2 Echarge Firmware An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature. | 9.8 |
| 2024-02-05 | CVE-2024-23108 | OS Command Injection vulnerability in Fortinet Fortisiem An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | 9.8 |
| 2024-02-05 | CVE-2024-23109 | OS Command Injection vulnerability in Fortinet Fortisiem An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. | 9.8 |
| 2024-02-02 | CVE-2023-39297 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 8.8 |
| 2024-02-02 | CVE-2023-39302 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-02-02 | CVE-2023-41281 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2024-02-02 | CVE-2023-41282 | OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud An OS command injection vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |