Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-12-20 CVE-2023-50993 OS Command Injection vulnerability in Ruijie Rg-Ws6008 Firmware and Rg-Ws6108 Firmware
Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles.
network
low complexity
ruijie CWE-78
critical
9.8
2023-12-20 CVE-2023-0011 OS Command Injection vulnerability in U-Blox products
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands.
low complexity
u-blox CWE-78
6.8
2023-12-19 CVE-2023-50466 OS Command Injection vulnerability in Weintek Cmt2078X Firmware 2.1.3
An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter.
network
low complexity
weintek CWE-78
8.8
2023-12-18 CVE-2023-51385 OS Command Injection vulnerability in multiple products
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations.
network
low complexity
openbsd debian CWE-78
6.5
2023-12-15 CVE-2023-48380 OS Command Injection vulnerability in Softnext Mail SQR Expert 230330/2Dut.190301/2Dut.220701
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function.
low complexity
softnext CWE-78
8.0
2023-12-14 CVE-2023-44279 OS Command Injection vulnerability in Dell products
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI.
local
low complexity
dell CWE-78
6.7
2023-12-14 CVE-2023-48662 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
2023-12-14 CVE-2023-48663 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
2023-12-14 CVE-2023-48664 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
2023-12-14 CVE-2023-48665 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2