Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-19 | CVE-2018-17228 | OS Command Injection vulnerability in Nmap4J Project Nmap4J 1.1.0 nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call. | 9.8 |
| 2018-09-19 | CVE-2017-2873 | OS Command Injection vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.2 |
| 2018-09-19 | CVE-2018-17208 | OS Command Injection vulnerability in Linksys Velop Firmware 1.1.2.187020 Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). | 8.8 |
| 2018-09-15 | CVE-2018-17068 | OS Command Injection vulnerability in Dlink Dir-816 A2 Firmware 1.10B05 An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2018-09-15 | CVE-2018-17066 | OS Command Injection vulnerability in Dlink Dir-816 A2 Firmware 1.10B05 An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2018-09-15 | CVE-2018-17064 | OS Command Injection vulnerability in Dlink Dir-816 A2 Firmware 1.10B05 An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2018-09-15 | CVE-2018-17063 | OS Command Injection vulnerability in Dlink Dir-816 A2 Firmware 1.10B05 An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2018-09-13 | CVE-2018-16741 | OS Command Injection vulnerability in multiple products An issue was discovered in mgetty before 1.2.1. | 7.8 |
| 2018-09-07 | CVE-2018-15484 | OS Command Injection vulnerability in Kone Group Controller Firmware An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. | 9.8 |
| 2018-09-07 | CVE-2018-16460 | OS Command Injection vulnerability in Umbraengineering PS 0.0.1/0.0.2 A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID. | 9.8 |